Filename
|
Hash
|
Operations
|
Source
|
C:\Boot\BCD.LOG
|
-
|
Access
|
|
C:\Boot\BOOTSTAT.DAT
|
-
|
Access, Read
|
|
C:\Boot\cs-CZ\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\da-DK\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\de-DE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\el-GR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\en-US\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\es-ES\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\fi-FI\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\Fonts\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\fr-FR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\hu-HU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\it-IT\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\ja-JP\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Boot\ko-KR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\nb-NO\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\nl-NL\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\pl-PL\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\pt-BR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\pt-PT\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\ru-RU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\sv-SE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\tr-TR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\zh-CN\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\zh-HK\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Boot\zh-TW\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\BOOTSECT.BAK
|
-
|
Access, Read
|
|
C:\Config.Msi\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Documents and Settings\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\MSOCache\All Users\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\kq7pKfOLqG2bZuuj_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\kZa1BUBh3JSLsOTa_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\ADKXforGZ3gskyGj_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\gvsRGPev8Z4rSQz7_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\9ZGzk9iNopLJ9jYv_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\bxzUZxfDvgjdGW5h_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
6920613923a1f23d0ddc7e1445285c36
SHA1:
b58dae393d6ae52e4a060e2330ef00e66177b3fd
SHA256:
6d8fa20721f9a522f2eeb5ed09825ebe2069659d01d1efb1067f2af6029e6cb4
SSDeep:
96:BLVMu1V+LnPcCjVFAeJ8PM61DUqwyQlexZlj5xTB6zHze8neb44HT867:PMWI0gVBJ8PTFpxvoHy8CI67
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\wI7obYSqFjiIdTL6_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\nJpHIWJexNSAXHyl_ENCRYPTED_BY.WHITEROSE
|
MD5:
1a954b26ca45ad12df22b26c830b209b
SHA1:
f94ed732d9563866a0c6a95f17dfe43ce0e7324a
SHA256:
7812e29d667d4e99fa2dc5e01b59f4645d04e49116af64484ed0db4c52bd8607
SSDeep:
48:dzKflC8+NBhxY9tB1vLsX7oiXHPMqFXGpFQUUhaZx:dGA8Oa9f1v1iXRFXGzQUUax
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\YtkYQyBmr3wBoLfA_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\IUWcVml3HRR6vFe0_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\cd57dl4OBqEse0Pq_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\5HhOSF87SRmKtCdQ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\vmlaNWf1stSsGRWD_ENCRYPTED_BY.WHITEROSE
|
MD5:
bf40fad385d14cc36d9d8774f48dfdad
SHA1:
d081d9a83a889ce9f4192500df53e119c599da24
SHA256:
92f731dac0cc491d6804d6576d2e94ce093b8ebaa78e7921b8ced6850c931906
SSDeep:
96:urhwSvXv8URULEPvJMyYqjT7N+zZdCLkSAnaBWA9ghR+apkBtFQk20k2k9KXGDCw:urhlPv8pWORklStSVAA9++alR95DCVoL
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\VIB8oDYVKkWBcq28_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\vrwmvfQ4FzBDEuIk_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\fT9CA5AHUnV8LoIU_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\WKQw2umw4kH8jGBG_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
29a5135b50b710e6c558d9f0044bd7cd
SHA1:
fbadb3a5475424079f506f87c916c12e93131911
SHA256:
c795d9b5638547b1ec74ed4878a5ec26e4df1f41958b6e86064cb04c9cf3a3bf
SSDeep:
192:Qqig7FP8573nkekreZEhXyyVsYcIz0JL/V+AkWVIm:F7V85b0hhXdVsrIz01NiWVIm
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\y8ATTYnWYwShaKAP_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\NL0QxsekVOgY3tnX_ENCRYPTED_BY.WHITEROSE
|
MD5:
4cac5b3840c8a45ea28a4464ec789e32
SHA1:
de92a181c57a600e9ffe4c3d731092c85217da13
SHA256:
d89fd6142858508667da1ea5b3552b755a71eae9b45fe1524b7e8d82a66bd5c6
SSDeep:
48:OAEhu8w0fVNbBZmHLVE1WjgCs3/Zzle1XtIgLYU9f:sw0fDNZIfsvZzKXHLYUp
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
1bcad97616df39d966352a37c107c396
SHA1:
5f4b96bc5dea122dd948dd5d2f526765659c4636
SHA256:
d757cd90b9f3612e64746796743c793e097daa3a6d5dbac59900498fa6047ff3
SSDeep:
48:kNESrvIb08gIjJmmercaXP/+1CQOxEKtVxll07q0xhbZuZ:keSTIZv1neBf/+0QOTtVN0+xZ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\Njeqo83RwS9ywOMO_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\QS9L4vZHDJG36pSA_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\a4EffXBuNMFxDnzn_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\07A3lpMWHSDcuLLu_ENCRYPTED_BY.WHITEROSE
|
MD5:
8554b79c7ee4ead2694b89e988668286
SHA1:
a42b877c104d61f5105ca634fa49a2c03a5d5eb2
SHA256:
b1651d486641c899c89f4200192007d580864d0a15911294614de8db080f0f93
SSDeep:
12288:YzB05+R+ZrKqC7HJ/eUAwnQMLqPLLOz5wb07SWnKVNMJcOVaRe:IA+R6+qu1bQ08nONwb0+WJqiac
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\1033\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\branding.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\FVSKpA6OhpjuQaxv_ENCRYPTED_BY.WHITEROSE
|
MD5:
bb4f2f0d4edd6dbad304301de7bcf0d6
SHA1:
ea751a76ec3cc980d72b65beb91afcd0de918888
SHA256:
e579b536a2ea606f8a15f00be2f804e60407492b345f41ca8baf4131ca0784fc
SSDeep:
24:FzjceHSyhhu/vEkyjIn7+o48UwzEnMKfxNLmAsU7yQ0i4Vqtp:hjFS+cExMKVOEnJfizvVqn
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\MXuc16prj2IiZLXm_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\wn7s6U07zP3M6FWV_ENCRYPTED_BY.WHITEROSE
|
MD5:
e7f5d0786c505fc994b4c71910c7b080
SHA1:
bbd24e81d1491af351dae91c1ef0f81ddf7581ee
SHA256:
65ed033d3a6c339f8346ebb83ff5914430f0aea6de618ff7a4fd3772d2ed5630
SSDeep:
192:D1G+sEZnRCGvCe6nwD1MpHNqLMaCdumt8SjDSRk7Ui+kFkZM+gfn7e2rE8T:D1dZRCeCpVHNpaC4JTUWuMM/fn7rr3T
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\6g8F2hNJAgnDmKCY_ENCRYPTED_BY.WHITEROSE
|
MD5:
8554b79c7ee4ead2694b89e988668286
SHA1:
a42b877c104d61f5105ca634fa49a2c03a5d5eb2
SHA256:
b1651d486641c899c89f4200192007d580864d0a15911294614de8db080f0f93
SSDeep:
12288:YzB05+R+ZrKqC7HJ/eUAwnQMLqPLLOz5wb07SWnKVNMJcOVaRe:IA+R6+qu1bQ08nONwb0+WJqiac
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\branding.xml
|
MD5:
8554b79c7ee4ead2694b89e988668286
SHA1:
a42b877c104d61f5105ca634fa49a2c03a5d5eb2
SHA256:
b1651d486641c899c89f4200192007d580864d0a15911294614de8db080f0f93
SSDeep:
12288:YzB05+R+ZrKqC7HJ/eUAwnQMLqPLLOz5wb07SWnKVNMJcOVaRe:IA+R6+qu1bQ08nONwb0+WJqiac
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\F23W0UFRuv3FOPkc_ENCRYPTED_BY.WHITEROSE
|
MD5:
c4f28207712e7344064a0418ad10081f
SHA1:
6daacabeb21fbb8a63b0dfc085b6b2073abbbd88
SHA256:
66092d29766b8c1ff3f80727e87cf08556198bbd5cea9c42ba8b3ddda6181f7f
SSDeep:
48:UHN40eY7wDNPrTJylluPsrI21Y+W/nhBvgvsk3bJvE:W40eGurTMlAyI2QnrvQN3b1E
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\dfOmvjWUHNOMDXQH_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read
|
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
36f06434f352aec34854560acac0a66a
SHA1:
461a104ddb1bdfb542451d145673f06d74cf55cc
SHA256:
3a77b7bcb492d3f8344f39922a3c829e9ac1b14878dd1c4942a44d2e05b2ea7a
SSDeep:
768:ImVW+sw8gl2S0KZ26mhFwfbBr73j6kgh1Tqo7Wj1HDfOeDN+o:nWi8dozFPkB7WjoeYo
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\w3leFSwFmZCwxC8t_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\zAezjguvuQa27ecf_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\cr0KXW828Ze8zdo8_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\mAK04ub2Qv4ZKKhA_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.xml
|
MD5:
3b930818b4bb9a4526b25cc6021eea89
SHA1:
5aa338ebe1d583f3a31b5f96c8657808f4bae755
SHA256:
c5548e29ced0d5da9b03af57516e228482e89d4f4355d46e6fde7244552dd4eb
SSDeep:
192:ouHq2F0HlUWzpq0AJYXkX3aWQaawHagzub0Qz:oiq2FuUW90YY3aWQf/Cujz
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Setup.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Hjld8AAkBCT5N3ne_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
2004b2c5b035b025feed451d5edecd38
SHA1:
fbf1cf3a12eb2e043202ca002be3faa07ba90d7f
SHA256:
976936f5f3b4c55c36fb3e97e9c0f558f90de2d1989c795d0548187f1ce96c95
SSDeep:
384:/Gkg7hNiNZb20KMdH2nHMhLPBlArtoA3rhzPozSK2suczrnNO:/Gk24NZb2pLCLPBC9zgzS8jzrnNO
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\URWff2HlQ1SGCQGK_ENCRYPTED_BY.WHITEROSE
|
MD5:
133f18d7aa609e04c0b7fb05090c0c3e
SHA1:
b5589801a1124a6e7ce4534fe73d4bd9be6f8fc1
SHA256:
3760be45c650d7aa3b2de0d5414291f5ad4509b03dd71e78968a43ec2b908268
SSDeep:
96:tatjrKhzOz+HNsf1gdXjTMD+dSpGJ4uM12:tCrr1gpfU4Sslt
ImpHash:
None
|
Access
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.xml
|
-
|
Access, Read, Write
|
|
C:\MSOCache\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Perfect.sys
|
MD5:
ea6d12c0226873ad0648f15f5f71ca1e
SHA1:
69acc0a91cd7d7c2f04d65c66678335cb2de5c39
SHA256:
0fbe7ab43c2cd6977d5b4fff0706cb412bc6bc76d78ec0d2185f4833496077e7
SSDeep:
3:c2FyNYjSMLK:JDLK
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\PerfLogs\Admin\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\PerfLogs\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Esl\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\W56mun3MK11VCpX6_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\1CZH0NZCSRyoa24R_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\fbmr5YeXC4eV585h_ENCRYPTED_BY.WHITEROSE
|
MD5:
cec0ea8a73723f3ae220aacd74bb06d9
SHA1:
1cfd9d271c3da26e0616b124ed10b17ea874ba6b
SHA256:
0d208d4be5489bda6d22f63e25d93710a276a110d90ddfe5cdfef7a20e09da20
SSDeep:
24:kHDOvj0ufCd/9uiP1WNsKmt9T1hfEktOmjF5epsHvPNSv7zLkngnVLqHa:COv4ufC3u61WNsltC1mZ5ey9SzzYgZq6
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CAT\4bS2NbWsZI8TJD0D_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CAT\7LLlrATi7zGmgeep_ENCRYPTED_BY.WHITEROSE
|
MD5:
6392356a68591798d676ef6dd86ef3d0
SHA1:
b825337836e493d6ef0d025837a570822cbc1722
SHA256:
388c99f280c6fa64bff1dc79b2de09de01a4afd319a4d9e33d72f673a959872e
SSDeep:
1536:87xdPjS+BDRFCHayUbTV64mn3y76HpU2wep8:6PjJRFC6HUx3y76HC2vm
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CAT\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CAT\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CAT\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHS\9N1L6riUnAqSnuPZ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHS\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHS\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHS\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHS\qWhQE3v6fDESPcWc_ENCRYPTED_BY.WHITEROSE
|
MD5:
83c423f63864fd39d973c4adf231beaf
SHA1:
ddd4ab4884f14738fde5300344570964fb4aee07
SHA256:
80b6ece6ff55088ed1bc878b24ceff9217a3e8241c21b08fa67127e00cd953ed
SSDeep:
3072:7N8Jm6A6biDxmV7LpeakWx1OoOumRgXQaSiwzXqh8iHAEShE4zHJi9Tl:J8JVbbilCuWx1+HFNj7hDla
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHT\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHT\DefaultID.pdf
|
MD5:
7a07743adc3a97bf83b77ada06ef8af3
SHA1:
88a2d633f71da5230dce60f5e1d6c8f8eb9a4720
SHA256:
f415d7940cb3b24f76fc0e37d922d2ea1db8db5cc255259cdc4f209dcb880be8
SSDeep:
384:r0Ez7Zyt16ZUMsIl+/clzLxGRSqIySYgGI0jllmj4l+GxeUdraRFa:r3HZc6WIiuGRsyS/SR+Gxeym7a
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHT\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHT\lYpTXKxdEUWDCiqo_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CZE\3ncofO8ynVydFUI3_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CZE\AdobeID.pdf
|
MD5:
aab71f73715f1f2f30abf942488b365f
SHA1:
332bc037ac6ab109d66b0c69e2d95b4fdcd5a164
SHA256:
e1daf9f98bf8b51714c61ceb10571866ba1969d93191edd8d8a50062b1b93df6
SSDeep:
1536:S4G6HzeTIHGwHLXlUDNwqH8rotYsSTOGygt76FcMEa7xPmF:S4G6HzeEHGwTlANwqJtYEfgt6vr7E
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CZE\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CZE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DAN\AdobeID.pdf
|
MD5:
da77b080d622dd76853589b86978cb77
SHA1:
af476672feb46e03db9f7a04c73e720faef10357
SHA256:
3a670d3134327a5adc01ac9d09758af9f5907f565ac86e83c4c38b1249f3dfda
SSDeep:
1536:iMsZ1/bcTX/MI8Wc2lgQsJ9ZkUeHmnGzWPa5DdfAA:kZ1jczUIhcGgQszsCGiPaHAA
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DAN\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DAN\Fd8zTuJ515Dj0UUT_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DAN\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DEU\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DEU\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DEU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DEU\MmUebhEKdMKhf97r_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DEU\VTFwxZArXl312EH3_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ENU\8xqJoJgwnQJMO7Me_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ENU\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ENU\DefaultID.pdf
|
MD5:
64c26301efc78da770639e7bd0430b5b
SHA1:
fb3574ec6cb51b577045d0459aa78c12aa693419
SHA256:
53caca8c8eb0ed8dd78f1607fe5d8fc5e9e7b85490b230e797108a2b92ff48f8
SSDeep:
1536:ARlbP2U15986rQ/wvIMac60V2tUWNbgmDL4ugh1CXJYAU9KK7FW1Ep5d9:05P106rpvIMrAyKLpD3UY08C9
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ENU\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ESP\6AlvubrZhVHrFtZm_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ESP\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ESP\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ESP\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ESP\jeVs0Gimec70xdMu_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\EUQ\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\FRA\AdobeID.pdf
|
MD5:
a2b310e7a2f2c29af856123f969e9486
SHA1:
604b7dbb33c460ead04b4fa75b6e4cfde7685d6a
SHA256:
cc64f32928a3fc480c26716627dcf416c064286d1a1261f990354d217daaa227
SSDeep:
1536:IS4oncPUPVlNmkyr08Hi0G/t8aW5nWbwncy/5:H4mcGVKqb/05WbwJ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\FRA\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\FRA\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\FRA\piYBygRh43xxIL51_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HRV\AdobeID.pdf
|
MD5:
611ebb0f0953bbb3892e29862645cebc
SHA1:
0dc38d9c4d48b26c1c6d7c453b8d4892a54bd17b
SHA256:
c2cfdb4865392dd3b4303821e8388be5ca05ef34ff0ea52ea0605bb23e394afb
SSDeep:
384:JsPckl6KhN8gKMs0MrJbYkfBWlHLtUoJHtOmh1yGbi+y9:CeENrNIakfYZKSOmhLbM
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HRV\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HRV\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HRV\XDUdD1Iosp2Ovxlc_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HUN\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HUN\cisahuyNpHpvmg0l_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HUN\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HUN\fRmvWUvDwyYZVTe9_ENCRYPTED_BY.WHITEROSE
|
MD5:
25e22524117c0b04bb10ee2bcd81b4a1
SHA1:
7754c22b88d535f1856382e515b5fa1e2b3f611b
SHA256:
00d48702379d57e2eb7a3ca7e42aa3d9e5b688b5f3070ec001177022ad789261
SSDeep:
1536:AVlodxxHt3yP2jIbUL314O9ivICD9Y78JV7bXk+Gwf0C2XP/vFMZ5G:AwnX3yP2jIbSX96L5C8PPBGI2XP/vFMS
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HUN\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ITA\1iYK2IfhMmis3MeG_ENCRYPTED_BY.WHITEROSE
|
MD5:
1e6d1fe79c6109c7a8a2ccda46b5c27e
SHA1:
6003f88216dd256eb61dd0595917c21db3e8bb95
SHA256:
fd8dfcb859ef6c21fb33ba4193e2b779ca25d05bfea0fc0463e574a08ca603c5
SSDeep:
1536:Bth09pja4FY6YG5aMBf+eTswnMahEnoDFdog5CuPdqG1qG:mra4mEUyWsinUog5CG5
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ITA\AdobeID.pdf
|
MD5:
874559236aebc8c3ae474127eabe1d1b
SHA1:
624596e31a3854fff75a76420ad2ed91db92a364
SHA256:
427ea28c9682bfcc18f72a8c15082bbd1d32b15e2233351b670fc93d62e33b27
SSDeep:
1536:Gzolx6/W7IV8/rhLhWCtJ2eaiDw0OSIAFrGLMfvq:Gw6QlhWne1ySIor6Mfvq
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ITA\DefaultID.pdf
|
MD5:
1e6d1fe79c6109c7a8a2ccda46b5c27e
SHA1:
6003f88216dd256eb61dd0595917c21db3e8bb95
SHA256:
fd8dfcb859ef6c21fb33ba4193e2b779ca25d05bfea0fc0463e574a08ca603c5
SSDeep:
1536:Bth09pja4FY6YG5aMBf+eTswnMahEnoDFdog5CuPdqG1qG:mra4mEUyWsinUog5CG5
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ITA\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ITA\jqfPAittDpwttukU_ENCRYPTED_BY.WHITEROSE
|
MD5:
874559236aebc8c3ae474127eabe1d1b
SHA1:
624596e31a3854fff75a76420ad2ed91db92a364
SHA256:
427ea28c9682bfcc18f72a8c15082bbd1d32b15e2233351b670fc93d62e33b27
SSDeep:
1536:Gzolx6/W7IV8/rhLhWCtJ2eaiDw0OSIAFrGLMfvq:Gw6QlhWne1ySIor6Mfvq
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\JPN\AdobeID.pdf
|
MD5:
a84fcc29b884ac63bf8aaa945870edab
SHA1:
14c596d6847eb4a5aa317589ff2810c5a7b02da6
SHA256:
da307d05574f6bc8438c8330fec9ae7bae126e649e6281380143f0868a063fca
SSDeep:
384:oeLECUYLquGsFPflmqEKKCC4H8xEYfQE5wojhVFRvqDbLpQyLbHw9PjfMoSJw:iCUYLtfPNmqVFcxN/wojhjRSDb1QyDwR
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\JPN\DefaultID.pdf
|
MD5:
1a2b71a0c69fc807c4874f577df99215
SHA1:
93ebe878aeadfeea62e10937bb73f8e2b0ffecf1
SHA256:
fd432ef8dd01a132e937072d8609c0517ee1cb18b54b4e048081f9d76db001e9
SSDeep:
384:/MvgQp5BEOO6dkvOELE7SnWIwXDgazGT6ktYGi6q+h+MytIZZOXyMyAq/J6L0fr:kgQnBEO3yvxgunW1DgToniyafVMyhQ4T
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\JPN\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\KOR\AdobeID.pdf
|
MD5:
9443c84848941d13ef74b15a7862f87f
SHA1:
128a36c787c5e9fd4db57bd9a66027b01226decc
SHA256:
64f8c7094f0fd3693fcc218fc8ee491f9932fae13a8528d01b26c9c60e487253
SSDeep:
384:H0nkMvn9plNXWYAvWzKDxEj3Cd8n1Q2sG9XpYbosAGojnJOSTiMwaOYUascjGAFP:UvPN+yWI3HvbsbosgjnlGMwaOYoS
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\KOR\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\KOR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\KOR\KJzZ7x1W3bCW9Gdf_ENCRYPTED_BY.WHITEROSE
|
MD5:
9443c84848941d13ef74b15a7862f87f
SHA1:
128a36c787c5e9fd4db57bd9a66027b01226decc
SHA256:
64f8c7094f0fd3693fcc218fc8ee491f9932fae13a8528d01b26c9c60e487253
SSDeep:
384:H0nkMvn9plNXWYAvWzKDxEj3Cd8n1Q2sG9XpYbosAGojnJOSTiMwaOYUascjGAFP:UvPN+yWI3HvbsbosgjnlGMwaOYoS
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\KOR\OisjKWXN03aqGij3_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NLD\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NLD\DefaultID.pdf
|
MD5:
7093d41497b5ce029c72736418a1862d
SHA1:
90fa9ce28a936fb6d6c8bbd1172f02f59bd0aff8
SHA256:
8c724cb6a7777f4f08fbf33c1d608b3ba655b8967bd9ae281b61f662d91d5510
SSDeep:
1536:K1SNHITEBi54Lu4jCUg8rGjCBV+9kaC3BaunTrqyFf5Dyfe:XphgYPuUgyGGC923BzrqO1Ee
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NLD\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NLD\kzFqXts99w19ynIa_ENCRYPTED_BY.WHITEROSE
|
MD5:
db11daaf002401bd5c7b6e6bb7142691
SHA1:
389b6e678541240453345a1103ed04f1325882b9
SHA256:
dbba01a9c217c9c60b721f381170e68d4ee44f673772f27fa5db6ce2118ef019
SSDeep:
1536:yxkCZzkTVF7echdjh0CvC+e1SHyaJvIVIxGrO3ZsWklYuUc94UrCoI5c:hyiVF7echdjhuWIVIxGrEZHklYuj7rHh
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NLD\yJ5yPLHroRvUNbiA_ENCRYPTED_BY.WHITEROSE
|
MD5:
7093d41497b5ce029c72736418a1862d
SHA1:
90fa9ce28a936fb6d6c8bbd1172f02f59bd0aff8
SHA256:
8c724cb6a7777f4f08fbf33c1d608b3ba655b8967bd9ae281b61f662d91d5510
SSDeep:
1536:K1SNHITEBi54Lu4jCUg8rGjCBV+9kaC3BaunTrqyFf5Dyfe:XphgYPuUgyGGC923BzrqO1Ee
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NOR\AdobeID.pdf
|
MD5:
06bf491e3cfbf0ed0e7381b446571f5c
SHA1:
cbed70752192242a23edb4608c7d1df35f739542
SHA256:
0080e6402b90ad056ddd6aab92128213814b02fffafff6add467f02359b26845
SSDeep:
1536:Tm4HivhJi8GUBdBSTNdYZrEEs4vyveG8YnLOv/Ta+:TIvLi8GmBST3Or/yHCv++
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NOR\DefaultID.pdf
|
MD5:
e4911ba66feab0dd4affd73bb21543ed
SHA1:
0504239c955f157d66c294381d6a7aedd98b5b0c
SHA256:
7084f99d69b2638513e7861f904816ef0158d69c3c8e50c9cac58d07254041c5
SSDeep:
1536:+v069EqkoOLvg9vAUVcUECK6D2cABnnTPdiRoAU4o:8KqkoiEvAYllJ2/l5TApo
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NOR\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\POL\AdobeID.pdf
|
MD5:
4c05057f24e03c7e7af441e19612d834
SHA1:
d5b98f4a14837f279cb0b3d489363308e2d1e1f4
SHA256:
01af626020e5099d306871b8971f9feeb308a473486fcf48891e5f4974dd6f82
SSDeep:
3072:1x33JNCj/c+Omr+oVNVW33jOmQpAZ2pfzT8yRz/H/koHJt7eQd1SfDoErZ:1RJNM/ZOY77myDDR7xHHSQd1WDTZ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\POL\DefaultID.pdf
|
MD5:
23259bd575e97860ab0bfbdc9ede770b
SHA1:
06d7a512dc3157f46849b82dbf314b9c6cc7de66
SHA256:
5bbbc9db2a0062cb88ac9ec4ea71689d7f99d01e554fd1524d7a59635f1aea49
SSDeep:
3072:qMCv24jxYND+NoOATMOUzBN+QvfBK3iYju2T8EVlFQ:qMbnV+5P9Nv5sK2T8EbFQ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\POL\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\PTB\AdobeID.pdf
|
MD5:
16896558a7cb3482bfe876bb6a5d0e5f
SHA1:
9c1bd3f575111144c853cb93d385b07f34bcea94
SHA256:
a3935748be9c4a65e3f4c62cab17ec4d11a42bdc82f134e6cc9471673bcceaab
SSDeep:
1536:UYM1cO66bKwG/ZvwxYmiaorZj0U+lWjKahSh+Hx0a47+Rlm4OJiuH:UBpbKjZvMiaodj3+ojKiqkx0a47+Rlmd
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\PTB\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\PTB\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\PTB\qNChZAXRykPgCfGq_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUM\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUM\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUM\GradD6OfvDdXuZtz_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUM\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUM\J26yhtL7CuMr4Bzl_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUS\AdobeID.pdf
|
MD5:
c74f4e8744d805833932f27cf81f37fc
SHA1:
b9326d5ed63e957255dc8ad28d080e365649a59b
SHA256:
03de49a852f0beafd78a7c5373ab6fb79d518942950295223eb8382c75a82537
SSDeep:
1536:xeiqqRP1SczfSraKBjpZn6We05I1QthErlylq3PkLjXn0CMsz/5ljQ+pPEi4z0xf:zq6tShdn6WvNeBlmjkUDjjPG03dNgw
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUS\DefaultID.pdf
|
MD5:
7191f47f7818f91a052285309bb3558c
SHA1:
8a16848a986d830e34c399f97172698eaf06dd55
SHA256:
fc1355b80e91b8b7f1b960dc23403d7ac87e0624ea92466f430d84dc6419a8e2
SSDeep:
3072:o5U7Gm0d72KUrsFI4Xd3iz6x2w88cuPhK8Pv:VGmkksFI6Fi3w88cuc8Pv
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUS\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUS\MzYTWSIWKlkVAdF9_ENCRYPTED_BY.WHITEROSE
|
MD5:
c74f4e8744d805833932f27cf81f37fc
SHA1:
b9326d5ed63e957255dc8ad28d080e365649a59b
SHA256:
03de49a852f0beafd78a7c5373ab6fb79d518942950295223eb8382c75a82537
SSDeep:
1536:xeiqqRP1SczfSraKBjpZn6We05I1QthErlylq3PkLjXn0CMsz/5ljQ+pPEi4z0xf:zq6tShdn6WvNeBlmjkUDjjPG03dNgw
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUS\trGNmivLSi8V0vyV_ENCRYPTED_BY.WHITEROSE
|
MD5:
7191f47f7818f91a052285309bb3558c
SHA1:
8a16848a986d830e34c399f97172698eaf06dd55
SHA256:
fc1355b80e91b8b7f1b960dc23403d7ac87e0624ea92466f430d84dc6419a8e2
SSDeep:
3072:o5U7Gm0d72KUrsFI4Xd3iz6x2w88cuPhK8Pv:VGmkksFI6Fi3w88cuc8Pv
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SKY\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SKY\ajoINIhz2fSUHNrH_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SKY\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SKY\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SKY\pYXEqc9YXxgBzweQ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SLV\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SLV\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SLV\gram7wcfeYZTO2Df_ENCRYPTED_BY.WHITEROSE
|
MD5:
6828d44d6f383bb90d619034a3ac6a9d
SHA1:
198c3a10536cf44ea14754593917ff6920890ce3
SHA256:
f3cf8199e2fdc853f9507d755eb45bc590eadcde5db54f52b3905e3968344e0f
SSDeep:
768:36usZYrN1GWeEjenu2iwzS33a8NUWL9alQK8HGBQ4:qqeEQu2NzwZ9apWGBQ4
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SLV\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SLV\YiThwWZ5mVLSmix4_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SUO\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SUO\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SUO\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SUO\itpMInBRwZJnVgdQ_ENCRYPTED_BY.WHITEROSE
|
MD5:
47b20428a45bc90e21fd1413e1098224
SHA1:
b1e15e4e9a1a7a3e3b78737f517dd761a5cabbec
SHA256:
e26f367f6eb695a97aabfaf54a5f67462b04fa8bd5d6da27bd5cce0e21e441d3
SSDeep:
1536:RIX3DsC9E0pofRjMSTpLrQGyi1XpVx5j7IcscfJbJ6HW:RIHDsCe0pURjDpL0tQ1ecRbJ6HW
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SUO\l4j8nMyHDQiRsSjC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SVE\7tVlsAilTEClzMja_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SVE\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SVE\cwxP36CZVf20ImI3_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SVE\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SVE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\TUR\AdobeID.pdf
|
MD5:
346a4696c4dc5f43b89dcef8aedf9005
SHA1:
17249a7e7007feb544166ef52d4b84f497f7294c
SHA256:
621681c12348af14754b3c799a489b6505e93a896de646849a4fe42fb7e7b0b5
SSDeep:
6144:+Mu7cqyK/IrnEWrWyh0aKReQqxe1PcZkTuk7G57f+bS7TIiOrrO9UKGfHphah:+MQLQrnEvyh7GHqxe1YM7y+yMiOrrOmk
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\TUR\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\TUR\h9FyjlZqk9j9mdon_ENCRYPTED_BY.WHITEROSE
|
MD5:
01a9ecfa47c139c6e5341d79e5d610f8
SHA1:
29ca142a902cb7241e755d670a3d32b2f1392cce
SHA256:
fb530e280a17af7e25c774e57574b350f3cf8fdc2d952dd01b64c871dfb2a26e
SSDeep:
6144:lsJ6LhDZ9yuckUmQgVbQ679c5+bAZz1IA//A2K/iLhL:w6L1yuckxRVU6edpZ3AEVL
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\TUR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\UKR\AdobeID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\UKR\DefaultID.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\UKR\faBkpNaTedhNdCAv_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\UKR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\UKR\NrNsBkGddI8v7HZF_ENCRYPTED_BY.WHITEROSE
|
MD5:
45bd06758cf965d702a349d93127236f
SHA1:
dea0e5e795a6f07a4930c89f5eb8b18b5050f943
SHA256:
7d95cb513c4b87c11ffa3311db030599c284e5e052bde79e66b42320c6dc57d8
SSDeep:
6144:bx9NTWs+IKvRpq3svjNOoTwlltGbwnBnOQNhn0yu2glbR0n5Ojf:brNTb+FvR03yjoYwftRn5Xn0/2glbL
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Javascripts\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CAT\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CAT\KuJdHMRF9N6aX7aM_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CAT\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CHS\Ds8L9hx38aGmPvMW_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CHS\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CHS\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CHT\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CHT\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CHT\uVktMBBknBoE5Zal_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CZE\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\CZE\license.html
|
MD5:
fc984140b41ccedc59ec5daba2b837e3
SHA1:
84f2bf9585b867a5bdc690feef96012f56b27412
SHA256:
4a12e9508530eb437c89e20e1d7f6fb022427ae5813ed0237c9ce1ef6452e9a0
SSDeep:
1536:e7IXW4uZUQ+/oLK3BbH5U+rGSbj0wQw9hDaNYy9/C15:e7l/ZcokZTV01wrRy8
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\DAN\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\DAN\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\DAN\WGz3qbkgakDxeRFQ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\DEU\1fsm6Ah8hbb3NtLC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\DEU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\DEU\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ENU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ENU\kqZRh2UUreawlqsp_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ENU\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ESP\2hHMIrHIzbWwTIlc_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ESP\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ESP\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\EUQ\es8UAJW3Pwri0wWC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\EUQ\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\EUQ\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\FRA\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\FRA\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\FRA\zDDoNayPZzqNHuDp_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\HRV\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\HRV\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\HRV\q7R8rtC8g106WZ3P_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\HUN\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\HUN\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\HUN\OQhWijbKxVG54yPo_ENCRYPTED_BY.WHITEROSE
|
MD5:
d2f69ffd0a06721fddbb864f593f585a
SHA1:
326cecee8d6b44e36454a6b8192591f38aa73b95
SHA256:
0ce39da23b7ecdaf9a21881323f184d87c8937279faf4798eeb76a4a8914a693
SSDeep:
1536:HjiL6CJM/lzXZL3fWgmZcqd1ebc6RCfnX+lX52Pc9Gt:HjiLHKzXZL3IZczb9Cv+tOcot
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ITA\497FxMpIhlEvmfN6_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ITA\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\ITA\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\JPN\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\JPN\license.html
|
MD5:
89028bd97ec470ba1d3ebbedbed84cf3
SHA1:
4630e0967bc188ea8de067942ce6d707f8fc1a37
SHA256:
d2578e2a8a16efba4304dc2d0b3360f59336538c0f6c1c49809e799d64285e05
SSDeep:
3072:KE5n44pgFN2In9ouvrdYnrxIsxGN8Mo1ZT5zg9:1ld80IfiGswis
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\JPN\UBjnb7t1zMnMBJbv_ENCRYPTED_BY.WHITEROSE
|
MD5:
89028bd97ec470ba1d3ebbedbed84cf3
SHA1:
4630e0967bc188ea8de067942ce6d707f8fc1a37
SHA256:
d2578e2a8a16efba4304dc2d0b3360f59336538c0f6c1c49809e799d64285e05
SSDeep:
3072:KE5n44pgFN2In9ouvrdYnrxIsxGN8Mo1ZT5zg9:1ld80IfiGswis
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\KOR\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\KOR\license.html
|
MD5:
087d8558b6c60f64e26bb080870c9d85
SHA1:
4105a2659f2c9c05963960d5e495574cc2f526cd
SHA256:
96ee637eab2167dbe7c4025a0c685f9840402e3c04fdbca62579bba3369af7cb
SSDeep:
3072:U5HZS1UPN2BilJi4LzKhSU4kCMQvSy3nvLupXjIVr:U7bN5LLzKwjLhqkeX+
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\NLD\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\NLD\ikKc4W4DQHVMHjY5_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\NLD\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\NOR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\NOR\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\NOR\lUDxHk2tXytffV5Q_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\POL\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\POL\license.html
|
MD5:
8277d51e6992271cce79e2610713fac5
SHA1:
a34dadc10f0fb9e0d0aa1570981c82505470efc9
SHA256:
7ad15cfda57065e71952e42c4f8219aa7529a09b0fdf0da1de56fb31eee51e5d
SSDeep:
1536:KmUsc1TIMYvgiPO2GPhTL66WWZv1lNwcrRxkfQpLOtlVmI07JSNbA:KnsoYgPhTe6WWVvNwafuqSnNyJOM
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\PTB\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\PTB\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\PTB\v4eWNS6tH5h9qrXk_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\RUM\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\RUM\license.html
|
MD5:
02da322e5eeea24e6c85186af078a684
SHA1:
77d6a7456637b1f352fab8c16af1d5ca67a8f30b
SHA256:
bfb91910be7b3e360a555c35eef8b1df12f1cf2426b76765cc408f0227710d64
SSDeep:
768:JycN1ZhS/9fq/JSrCbqT/MNUMP3sS7Lhm/wN3zkTg3WlwphNgfzY4UQoYWGfM42h:XNBl0raqTkNDLE/wN34c6UQosfGzd
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\RUM\LIOSrmVSElFOiaKt_ENCRYPTED_BY.WHITEROSE
|
MD5:
02da322e5eeea24e6c85186af078a684
SHA1:
77d6a7456637b1f352fab8c16af1d5ca67a8f30b
SHA256:
bfb91910be7b3e360a555c35eef8b1df12f1cf2426b76765cc408f0227710d64
SSDeep:
768:JycN1ZhS/9fq/JSrCbqT/MNUMP3sS7Lhm/wN3zkTg3WlwphNgfzY4UQoYWGfM42h:XNBl0raqTkNDLE/wN34c6UQosfGzd
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\RUS\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\RUS\license.html
|
MD5:
c5ee6362caadacbd01c568c44d5306c8
SHA1:
2c0d74f5bfcaf754f479e222f980f3292abbde3b
SHA256:
067536b40f998c761b174726764cbd278cf7467d2c421bf5394c94d2991ff397
SSDeep:
6144:lLRd+Vm7fBabGlWGY4HLTZIcVkJbY5tVlAHzXxy5V/Q13oUzxP:PUVm7IbGla2tXistkE52trzp
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\RUS\rzvNSNIGMjrOQsEf_ENCRYPTED_BY.WHITEROSE
|
MD5:
c5ee6362caadacbd01c568c44d5306c8
SHA1:
2c0d74f5bfcaf754f479e222f980f3292abbde3b
SHA256:
067536b40f998c761b174726764cbd278cf7467d2c421bf5394c94d2991ff397
SSDeep:
6144:lLRd+Vm7fBabGlWGY4HLTZIcVkJbY5tVlAHzXxy5V/Q13oUzxP:PUVm7IbGla2tXistkE52trzp
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SKY\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SKY\kxTjiio4KH41ITeo_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SKY\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SLV\3pBeJIaSTEP1ga0b_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SLV\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SLV\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SUO\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SUO\license.html
|
MD5:
9091fc6d36188b2041a4b8db140eaa85
SHA1:
822c46f08ca14968a5020228cbc7aacb33bc460f
SHA256:
0250bd317cc927a663d8efb32426c8154a7ff059b19b29f5129004b4d50addc0
SSDeep:
768:faDWwxFikzFpUCdBMV/1WrkVppruxkIwrHIK41Ti+R0eGeQHTzEVT3+wKzZF2WBz:fjwxFNdkIgpVgGWHEHTzy3+3P2CEg
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SVE\1sx2PamjNKNF9yki_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SVE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\SVE\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\TUR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\TUR\license.html
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\TUR\TqVxeG3GL9oS1YVs_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\UKR\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Legal\UKR\license.html
|
MD5:
975c2b863940faae30f543bdfaf2f4ad
SHA1:
e9f77fbfbf96e42bf6e614d4220c7282a26cbf6b
SHA256:
c5f0e3a5b3cf2b1b6770543ba75666f2acbb8baedeae1f0d10e71fc5905a2296
SSDeep:
6144:PsumoRvVTxOy4pA6rVrSBE9cgOvbFnklf:U5oR7Oy4pASVOzZklf
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\203c410uTU8VGL7r_ENCRYPTED_BY.WHITEROSE
|
MD5:
e3c4f591f33846bed69b6592bd59749f
SHA1:
afeef7ada531abd9e1f03b5c22b90dc0b66d378d
SHA256:
42b71c189eadac4851f9e6030abe89d9b217f7c424037de03f0fc548c7ecb73a
SSDeep:
12288:4nBqZlmwwnDYNz/gvVEElad+xD+KpcJ/5UvqG:/ZgwwDug9EAa8p/pcJR6qG
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\4xvHJZE2b8HtDCVa_ENCRYPTED_BY.WHITEROSE
|
MD5:
07955e5b4b06fe2e849f67a822890b02
SHA1:
d918cb31450c9cd97f77e6d0cea7184e3db48994
SHA256:
249856900bb8691f5ee4579d8eccc04e63153aa65d670885f1ca36a381a42c15
SSDeep:
192:GaK7QEQTjRCUeOYlk2I45iTUsgSujmGVZtzvbGVbot7yiWGnoQr3tYUTORLMn+cE:sc7te4JDq1xVZtLaVbCTnoo8OE
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\7EuCf4pnU28yFypN_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\7KEOZm1q89PIDbbu_ENCRYPTED_BY.WHITEROSE
|
MD5:
7e39bdf64058d378261d786d678f6c4a
SHA1:
68336918a5fc53d0b98827186d745c79709c7b68
SHA256:
3ee3e4755b223e9369b5bae5899e9668a86b1aa9083001fbe763b28d618e0275
SSDeep:
768:s3HVMYpXVUsyuOBtV4CI0ygxhN6rCab2jFEV:OVMYpFJRot2GNN6sjiV
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\accessibility.SUO
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Acroform.SUO
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\AdobeCollabSync.SUO
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\ahCB9xduCqVNRhZV_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Annots.SUO
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\BRdlang32.SUO
|
MD5:
e6b5d632b5d7c0e3a3cce1d5030003ac
SHA1:
06ba5b78edc1b7e4c7a7700641893e8efbf2ab47
SHA256:
e922b51ce9304044b1f9b3690812c7199d1c5306514a597aca9b15d8284a2dc1
SSDeep:
384:8yZr0wn+UrVeEn/N8hoSPI0F9T715zvFqbxa:8yZoalReEXF03T7Xzvsbxa
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\CAWLDMKY2b2fwtSg_ENCRYPTED_BY.WHITEROSE
|
MD5:
aeaf7a41a2f964b4edbffbe8ea69301f
SHA1:
777804b2b40b4146a53806c9414f6eb2b5d320f6
SHA256:
91a39bd911c33b7a3765e74b544506000dc920ecb1a212b8a840f7d84ec5552e
SSDeep:
96:GFyDSmN1F0cy2PvmSjntBEP055apMmrKRqbJsCFyiD+73jz+9cttVxlEGY:GcDSmNOkrBFGWR3Ii3jS9OvxCJ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Checkers.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\DigSig.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\DVA.SUO
|
MD5:
f151e8748dd2e03da64f94698531cf9a
SHA1:
49ba5c35286f55007ea42c9d58a48edb93236572
SHA256:
81876eb1e33d10f97c79c61f133476ce2f8258a19baf44d0efb6cc26f1b5ba57
SSDeep:
384:kPKZEM6i9tWvEZdt+pCKZ7vlJz+g0W8HyORE0udP+lHCYK:kcXtWvEPt+pbT+UORjw+G
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\dXG8vfLnWncrnxRo_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\eagUBKk7DBogq52n_ENCRYPTED_BY.WHITEROSE
|
MD5:
93856a87130f240b2d5478a0d17530d3
SHA1:
f25fded098c560e7210916eb2fdf98fe6fd37bdc
SHA256:
446bca58b727b99551cdc07ba625edcb5152af5b2d30c5b914df99561fc18f7f
SSDeep:
384:FDpQAsfeP11AgS1DHZg4By+omr6f18SovGjdsRju8Joh/ISyPT5KyR+jIGyoqm6L:TjPv9SFq/+9mfmSWGjiR4/ISuMQakL
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\eBook.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\EScript.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\flFKy0Mpqfmb3Pgq_ENCRYPTED_BY.WHITEROSE
|
MD5:
992193f3777d4c092d44c36efbc16fc9
SHA1:
0e1af90d23eb6bf900cb279e8709faafee750883
SHA256:
6d64304a72a8a5e1e35f6ec681e231c54711011a2fd707411ecfe99f2285a862
SSDeep:
3072:tysCpNPy8yBlwK7ybOmpWc2aQXscFbM+1VuR33VAreU:ty9Jy4VQccFf+Jy6U
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\GYuIQywHJR0p0OoE_ENCRYPTED_BY.WHITEROSE
|
MD5:
abf908bc5d36358accc7cc3a6ac100f3
SHA1:
07246bd403147ad4c69f8336cadc4a73f8f09d90
SHA256:
ef9599cd10b45dbb7b18de5c5dc007b7c91c084f5a294866d30951db17dee2a5
SSDeep:
96:GK4saCmz2ifXopv9MsdBVI3+KupMVbk1kP2cbwzz4p5ZUFC9CPFmYY+h93A3H:GK4nzWO+BVIFu2VmObwI5ZGFDXe
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\IA32.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\makeaccessible.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Multimedia.SUO
|
MD5:
2f2deb550b04ce37fb31ae199d8ed81a
SHA1:
782add2a231f47f10cafcb7d7d477de5df3bf1a5
SHA256:
818f95adbe2607b1ae80f03dac4908b6c8a323289cbc6c9c294af08d2286b880
SSDeep:
1536:FfWK3KC8P5Fu90vYkdiM5n8NKOyWSbR6Jcc+V7lVX2NTQY/8PCH:Fl8Xu9UXdNVbUJb6X4TQc8PCH
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\nK4qxFJtFIbeIsvJ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\NwcxGsbb4ZSxdQiA_ENCRYPTED_BY.WHITEROSE
|
MD5:
3ca952a9bdc0cc0f24e58369df9c6444
SHA1:
6048738f68704e03b4a490bbd542ec5282d315b1
SHA256:
d79a0259579aa95f7d6a738fbd28fb366043c804f7216f672ee493d01d44f761
SSDeep:
384:Wp0qoAl591UHM6xnT16G8WU46kSmgpmRIWU5r:W1Zl53YM6x84/Smwwy
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\pArkm1rsnSUdaZXB_ENCRYPTED_BY.WHITEROSE
|
MD5:
85e4852d500043edfc1cfd8350ad8d0d
SHA1:
27c12007f5460914a622d4ade7343b7b6a5c2363
SHA256:
c4050dd6a72d80f5815e870f4d8a3e6c69ed08a75d51eddcf02389589246797b
SSDeep:
1536:RtrOahRAa2hm3AkmYO2S7jCqkQDdonADVHfVSWpz2H:RxOVa2EmYOf3CjQBonQVHfsWpSH
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\pddom.SUO
|
MD5:
102edca2b8868299d5fb0cd932049fde
SHA1:
77e9ac767ab0fe9f4c208d82fcce298a854b572a
SHA256:
7e9ebed5a23f7ec1fb8a2b7e1a034e5259667c67ee2103cc75531b3bc8271344
SSDeep:
192:G/VwABXypDnmcRjLeljaKFgnKX5vkeFVHIeScYWvVd3eFrOP0kXKVqmIUKZygW:owwX2nmcpSlmKenKX5vnIeSHOL3eQP0v
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\PPKLITE.SUO
|
MD5:
b54dfa656b93d7005cb95aa3ba8f5833
SHA1:
457c5cdbf13fa8096ff2cbba29396a59c88306b1
SHA256:
98b18fba4eac836b124b024cc2f8a8d28cf5f5679cfcd3a06918833b9dafde1b
SSDeep:
12288:Tx6BNL8Od3PmlnCNSBF9Umh+aylenLE+K4ue8Opv2AoXGR:Tc3L8OVuoyFrh+aylezzun2R
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\qjWLb5GjMzKJg5Bv_ENCRYPTED_BY.WHITEROSE
|
MD5:
d30a681823d8c9d98830a5ed24593a90
SHA1:
c95d8ad564ed07cb11dbecf8052e7715dde102a1
SHA256:
120e01fbc003296573f0a43652e957ba5a1de33b54445ea990ea775720504d0e
SSDeep:
12288:D3dp69LC0Tzr/9G04ApVlIzQeiLfjX3CFIGnyI:a9PZnlIzviLfjnCFPn
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\RdLang32.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\ReadOutLoud.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\reflow.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\SaveAsRTF.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Search.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\SendMail.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Spelling.SUO
|
MD5:
a261a059b2d4ac43dfdfed89e5abb0de
SHA1:
f02b9766d5dc60fcb0a224403a94e29efa902dc7
SHA256:
6ddfa2cf4f7b2014d51f7fc47e2e09f74bdd11d0723bf7744378fb1404fa4d43
SSDeep:
192:GKET88paVAzF0kyeY2zzOi8RGVEKrgfwlhC7VGSfx6DjE84bJ1EpVyyIzs8t3vjj:g88UY6x2zhlrgfwXC3sDjExt+k4Lo
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\U1JpoiIitxpLS7jA_ENCRYPTED_BY.WHITEROSE
|
MD5:
2fd253f231ce755d18324ce4c7a7ad2d
SHA1:
ed2852337de60c659ba77bc90ac2c30d1e91c60e
SHA256:
1d827107676d329920b0224bffeea84e353c71e6f613ddc8cc8cab5b1a9ce066
SSDeep:
96:GhlkqXAHa6ohr+PueQGccyekwC4rnoR/MdplCIf/+3LTWm+3gSQZmzL1:GL+xQn3wCY+/0f/+76mYgSQZmt
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\ucz5EgOUMJccQQDY_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\updater.SUO
|
MD5:
5e1d0bb99a1afc5e13b2d7a78eadf63e
SHA1:
6c7f0b8c40fdeb2b08bf4861803158a50534fc18
SHA256:
0a7a0f3a49a8e2f2f829301c67f4e9ced915b4f1ccd827b4b5e5c8b58c264fcb
SSDeep:
192:GN8vSut6GCc3l8QmorV4ovTPCOsLsC7fbGYHFisSw1tDDnmC/ovNl:MutAc1BJrmEP5sLJbGYlih2Dnu
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Weblink.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\y9dCIHna7rbWWuyb_ENCRYPTED_BY.WHITEROSE
|
MD5:
af2116dcc63a90d8c3806e7c305eb31c
SHA1:
bbd79853ee54afef226d9c813199ed4a6b06c236
SHA256:
be0b7851bf004fdf61d62fa984976a31a7ddd0aba662b54578d81ba9863a40a6
SSDeep:
96:GfXGyZK9TA6fX74Bd6A9S/KG4aHKHckFrNLcLiwVk8Z:GOY6fr4aAolRHKHb/4LdVk6
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\mdZVDszAEEDJcHs0_ENCRYPTED_BY.WHITEROSE
|
MD5:
6f20c0f75f92a5ce58ac919b7b2bf3d1
SHA1:
43c1e503801b0b9a1b71d0f76d3b99c7f89b6901
SHA256:
008a1a461e1404997e25ad0d4c7690f00044e75a85a866e090196b68af7a4f4f
SSDeep:
12:b41y+FqRITsB+q027lzz61wRLhq+Du8lNdDnlCr1sb7R9hTcAfKJrh:E1yJRITi+Glz2eRLA+DflCheVTTLKX
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\PDFSigQFormalRep.pdf
|
MD5:
52b5fe6f8b132dda3417b1651efa3b68
SHA1:
1c53d39af0ab75e0d45359bb84c25f6a70d2525a
SHA256:
37e85f404d589c67d6c0577e5b17aad5c9285156fff204148608f180f5e80506
SSDeep:
12288:At6P+c+cItibTSa/S4k9BKxkYhwyi5JnvOaQFU5:7P+L25kYhwyi5d5
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins3d\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins3d\prc\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\bpw50PHDWTNgeJMU_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\dsLtMG7edUyLkZmt_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\Dynamic.pdf
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\Faces.pdf
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\LNH7RoXlDh339LEG_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\Pointers.pdf
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\qCaBEYkyud5xANXT_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\SignHere.pdf
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\Standard.pdf
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\StandardBusiness.pdf
|
MD5:
316b2973cd6ae4f893338ea9a8ecd2f2
SHA1:
a24ae62f50475df399151c15ed79641499382d61
SHA256:
38dbf915dc9cf4224b0a18728b3fffbd40e0d5a3c448f8ceee7ba70fe7206b3a
SSDeep:
12288:H2hko62+RJFzkDtYQC2wqnBavKX2OpWerxWVqmOXbfBKiERWBKqGt:096HRJFzkDa/ynB2LyUJOr5KaPE
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT\TheYzets5QzfM2FH_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\Hanko.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\IkZXWjAyJwcIyMlB_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\LTShAIxoQnLc8oqn_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\sLAc20kdYkwcEGka_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS\StandardBusiness.pdf
|
MD5:
7f551130f0794db5c6144faa6dd6c404
SHA1:
b6d1fa692c45b945c2a760b0d29a7507cc6214e5
SHA256:
7c5fce119e2f29a0d10f33d8932251521d769b1ee1ce8cc7227cf50c4f20743f
SSDeep:
3072:E2wPh2LnUHS+pVRdYmH4y+RPMkcyJVn/0Pjssm1DsbZ:iPh2LnaS+bRdFj6/0Pjs4Z
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\cKg3XCRoPcIffUIA_ENCRYPTED_BY.WHITEROSE
|
MD5:
0284475c3aa664218a704e3ee07e64ad
SHA1:
89748c0827efaa1593c69ffd3b7c9dea96063815
SHA256:
7d49a5658608b826b07846dcb7b46256834ed48d129593cc7034ba99d2cff8e1
SSDeep:
1536:8FU6fCaNtUAoUdUBQbEPbwwdeBvKN+MexBFNWB3pNR0npf:kUjafDYBQkbLN+MaBPWB3epf
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\Fs6VL6l5PITynOjq_ENCRYPTED_BY.WHITEROSE
|
MD5:
dc7894fc159dd8c76e20353e08aecd04
SHA1:
4bb491c1c4b90b98c18bff6feb21bf8633f5fe21
SHA256:
b5dc6bfe852ef7f0b0ccf0c606d7e718efd6cb9e4591d72f45fcb3ac429758e0
SSDeep:
768:e7LJiBs/JPbVh+R5lo39wfPdKzVThn4Ysgh20mbKD1tH8/JQT4kBtVc:e7LJAsrhEsy3dKzVThn4Ysgas14krVc
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\Hanko.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\qOvY8AvFTquSw5wi_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT\StandardBusiness.pdf
|
MD5:
97f200a8ebae423304b5956fb50c0b38
SHA1:
0bbd93a1c40e87b0a9eaf0b44becbc530b664c3e
SHA256:
80a76fdfa64bc2e7e83ed9dda645c41de1e5621a9f64203aa4dd8bfb98da01d0
SSDeep:
3072:6Wuk+TSK3LuK/0gNI0IByCUJIb3HHpMlCAM6S/KjssZAGcNIGAztM:ykXKcgNKYCUJu3n2l1MqjssZno
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\Dynamic.pdf
|
MD5:
2f8edd496312f357ec0b946d248e957a
SHA1:
4c6c5efcab86e2fd5ebce98eb55e26d933cc9d35
SHA256:
3da1677bc936aae17c8c6de9939d05028b5ba786540d68bc724582b94e2a8966
SSDeep:
768:gndvO3gMuNi7rN73iRm3G7RmU08zqyYONlCji9:gno3Wi/R3aWEmU08zqji9
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\iS5HgpM64VPdl9U0_ENCRYPTED_BY.WHITEROSE
|
MD5:
410adec21e5061c602f734ee13e41e6c
SHA1:
0c7d952af37f3450ca96820f4ba8c0a19e9c1924
SHA256:
198cf4bb64becc5933c9a1faba2b686d2fcaacdf1caf00a02216ef3f3202bb37
SSDeep:
768:1zvdKkkbkVCLgRm2/EIMsKtAvpfu8unBEe5YieaKU4:1zvokkcm2/xMVtIpG8+z5YhaKb
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\lqX2VOJVaMnIUJ1V_ENCRYPTED_BY.WHITEROSE
|
MD5:
9350d43ec9a95e89afd6559f09607625
SHA1:
6a47ce09db8a7d4656dbc027c3da5d3b0ff46e19
SHA256:
34df3707fb32d07ecd03407d7051988dbb3555bff10a1944986a8b43a64e7f26
SSDeep:
768:AhXMpJ0tPiUO7xVJhFjnOimcZwPK3rbxVja63cfsRWHj01Xt0rSzE:IO0wUO7x/hF6ZLPIjj1sgajQt+SQ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\p1RlzdGLhDWcsl7H_ENCRYPTED_BY.WHITEROSE
|
MD5:
4d53ab97ff4c71de4525bdcd6751bb37
SHA1:
520bb1d5b48c0b106de59c6de531532fde0fb417
SHA256:
d8d4db39a6a543c8bf95dec9d561d6490deb60451b570ecf3e58c01b35f8199c
SSDeep:
6144:5bXQ1+v8yUbjaniUOFAUp40vDpjZvE1436mHXM6jVNUWAXdxZpVsb9VUK93a+:5bXQ1WUbjaniBG0vd1vZ3BHXMzWAtxZO
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\Wg4sLKb8g8LUjrtR_ENCRYPTED_BY.WHITEROSE
|
MD5:
3f0a7915067372a42a7de178b337fd79
SHA1:
0f427f1ccf030fd79d24f6c2016ecc500e2ffe84
SHA256:
6a1700cb9e76b9cacf9e1bbf4a9141089fd965c5980ba095b727c3f55cdc9224
SSDeep:
3072:KZOVA1eB5066yLCGs3VRsCOkQMDExFW4eQKQXsrF6xhZt4F5438b//1FUnMhBdRm:VWeB5JjSRsChQxFReIXL/vTAeqBziJ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE\ZPWNp00XnYjoS4zD_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DAN\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DAN\e3AkWiNSWjzFd8LC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DAN\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DAN\l5cOvM8vYVXsmHat_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DAN\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DAN\StandardBusiness.pdf
|
MD5:
572b33438d7660b887c494172ef4fe52
SHA1:
fd4649803e8cbf0e5c4ee1ba403df710e69dc74f
SHA256:
dad2ed5cc709f99dc45d85b740c781b84592f946a62426a82f3d9de15eda624c
SSDeep:
1536:MXCkX9inUg3FtDK4tx+4Taaqo1gIWpv+1W7BoX+Lj4tGH6iduZurIa0tJ0t5MR:MJXOUylKIHTajo1PWdakj+Kl0X0t5MR
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU\74UDrfEGON0wXVxT_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU\GNPUzSwOI3NyoZf8_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU\qdq0EHgtYQ93vSeG_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU\DnQgxZuNdaDOKGQ7_ENCRYPTED_BY.WHITEROSE
|
MD5:
e1de4a382ebd0b17fd034f58b8b87883
SHA1:
7dd6791fe5a1194d5898ecabfe0b8c2da7376e08
SHA256:
7eac2043547499cf994e31942a7397968538edbfd2b229442fab98f415f43db3
SSDeep:
1536:ALT19gBqM+eNjeW4LeRgApz/I36dRZ9/ZGLpx1JLB7e:ALpiMMPjeW2Aps+RZ50Lxq
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU\P3AtoJbSFEkAx9Vi_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU\YymLJq8zndCiiExT_ENCRYPTED_BY.WHITEROSE
|
MD5:
67711cb8d9d7334fa881a96ff0df5b71
SHA1:
1be760586d01c5a892afc3da2c81aa4ba52d83e9
SHA256:
ad9d0ad2dd8700b4180b7c53e7abb1977e854857b7903244ff1c0af76e4b27f9
SSDeep:
768:0m4Eanh2dJ2r65WM9SHlsM0kbeWz6IDrEsWVWjUjlX6/Rarc7CHGIKH8F:j4zMdJIydSHlIoT6IDTWVW4jlGAGIKHE
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ESP\Dt1sfi6QqglYIjCN_ENCRYPTED_BY.WHITEROSE
|
MD5:
f08a8870a2071daf495bdc1e7fe35bf9
SHA1:
309f5acf4fa8c7373a484fc7525ada56120b20aa
SHA256:
e597ca989bb1b86944a3ed96de235c4c7eaf7b58f0b9c649d06f321cba0fe8c3
SSDeep:
768:AEk2OfOxOgpXg76AFJ1FpuSxumQgnQ2harGxRk:A5AxNy5t7uSxumQxkarz
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ESP\Dynamic.pdf
|
MD5:
2c1fb2ae6f0e5d2ff53ab3e44ab748d7
SHA1:
76ac19f222d4fa87281744720cab5f6eeeb3484d
SHA256:
88a0ca898db6cc1af2f16a34304719de2316af64f890ac0fca582cd4bbba68c7
SSDeep:
1536:G6QnWQaS0x/V9c3NKTwlrblE+7bzNHIz0ta:GgxdCdu+rSAIzv
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ESP\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ESP\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ESP\StandardBusiness.pdf
|
MD5:
316b2973cd6ae4f893338ea9a8ecd2f2
SHA1:
a24ae62f50475df399151c15ed79641499382d61
SHA256:
38dbf915dc9cf4224b0a18728b3fffbd40e0d5a3c448f8ceee7ba70fe7206b3a
SSDeep:
12288:H2hko62+RJFzkDtYQC2wqnBavKX2OpWerxWVqmOXbfBKiERWBKqGt:096HRJFzkDa/ynB2LyUJOr5KaPE
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\2dqh80FtHaTXPUpm_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\C9feRgspdpWIahNk_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\LE3wbXo9X1cqVNoV_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\Standard.pdf
|
MD5:
e81556846947c6c5c64d8242c5186360
SHA1:
0ceb10c80c4f0c8a77689e006d1548dc34bf3ba0
SHA256:
88142dacb4f4cf6d39a4ba53da427bad0a69bed3b0ff0880d65e097ef42f5de8
SSDeep:
3072:tFaQIy26h+jzIsjdCruc/yL2hju/7uFb4s1a1A/o5+lnziXmDelJU:zPIIh4zIsBC62yL2pFUs1aa/owzymcJU
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\UbOOxEkQFzu0Gj1v_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ\UhY1gYVTSFdjEXMc_ENCRYPTED_BY.WHITEROSE
|
MD5:
316b2973cd6ae4f893338ea9a8ecd2f2
SHA1:
a24ae62f50475df399151c15ed79641499382d61
SHA256:
38dbf915dc9cf4224b0a18728b3fffbd40e0d5a3c448f8ceee7ba70fe7206b3a
SSDeep:
12288:H2hko62+RJFzkDtYQC2wqnBavKX2OpWerxWVqmOXbfBKiERWBKqGt:096HRJFzkDa/ynB2LyUJOr5KaPE
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\FRA\Dynamic.pdf
|
MD5:
9904c3d0bc04416eb87d90c0d661a17f
SHA1:
2b55c3007ee8134ffe1d77afa850326c2fa16d33
SHA256:
d67d25c39ea32b6a0a6e44517250514617059860df0f0b6e870003407ddd4851
SSDeep:
6144:TgX13R2KVI+UoS42v9+yIu5crNkpjdQmL:LS4zVVtiZkpjfL
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\FRA\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\FRA\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\FRA\StandardBusiness.pdf
|
MD5:
24a26083daabfe102a5d97b9eb2ff91f
SHA1:
f653a1084a28652746cae45ece51a262a329d821
SHA256:
74f0c4fa285d9997aff927ac07169588512b3b801efc63d9fbedd23f6f1653e2
SSDeep:
6144:9fzeHpdRvxcajQ777glFmHn/mgzz7U7TMttQxxm:9gdRvxcv/7uFmHn/xIYj7
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\FRA\UP5B9CIpsI6U0ga5_ENCRYPTED_BY.WHITEROSE
|
MD5:
9904c3d0bc04416eb87d90c0d661a17f
SHA1:
2b55c3007ee8134ffe1d77afa850326c2fa16d33
SHA256:
d67d25c39ea32b6a0a6e44517250514617059860df0f0b6e870003407ddd4851
SSDeep:
6144:TgX13R2KVI+UoS42v9+yIu5crNkpjdQmL:LS4zVVtiZkpjfL
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\FRA\XnXVM2FfAzDnHTgQ_ENCRYPTED_BY.WHITEROSE
|
MD5:
246c5bb52cda5325b2917a190bfd6244
SHA1:
77bd975ef5f9598923ff8e933345e50fa55fb251
SHA256:
5030ddbed0e8086fc9fbbc0b715ef103f1553abb282a5cfbcd64fe011fbdddf9
SSDeep:
768:rWxjzG8ziP3aCFtI4YbIAFxs6Q9r7UbZH17r6fn7wiLG2kTM:rWEf3hcbIAlQ9rA36P7hSK
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\45PaXtnspkBWhqRe_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\bABshaja9VTE4XsP_ENCRYPTED_BY.WHITEROSE
|
MD5:
491e33db9ad70f33d2d00b0352d02bb9
SHA1:
51d9358b4cb775cd3f882dc2186205a4342ec46d
SHA256:
4a06d1434b3211b8dca3a747b8e2a05af00b44045619e5201899d3d3fe05741e
SSDeep:
768:zB87arT3Qc0jAhJBG7GfRrHZwxFANZW3iu8TBGnfQUjFtI7MTnD6rE1FtPF+niKI:lWaAcCAhJBjfRiDUZWSAfQyF/DGaPFO+
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\Dynamic.pdf
|
MD5:
52ac0eabc83f4f6c038f45dc22931766
SHA1:
514e14d3cf4ac6108ff66cd643174dab7871dc0b
SHA256:
b89278aa90297370ef20fa93572393f090d203589aad6c7c83834f9aeb6a02f4
SSDeep:
3072:I+P9Q8Z3DRjlYn+C9aK2kqjCkxxV9zzan2wR4zNPbyb:I2Z3DRknsjjC2V9zU2D5Dyb
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\Faces.pdf
|
MD5:
a3e717bbf50cde98dfadd27abcab621e
SHA1:
7af35a08ce5408c7920b588fb434a163d890716e
SHA256:
54502ab5b6dec993db914904da242ac7c9dee3d3186e909714a38845bcad4673
SSDeep:
768:/1YMIWiYbbTdM1B7njXcocIA7AM5eQdBODe7FJ4dfdfca42fH:CMIhYbgZjsoxQ/5lyDoFJ4dlfZVH
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\Pointers.pdf
|
MD5:
491e33db9ad70f33d2d00b0352d02bb9
SHA1:
51d9358b4cb775cd3f882dc2186205a4342ec46d
SHA256:
4a06d1434b3211b8dca3a747b8e2a05af00b44045619e5201899d3d3fe05741e
SSDeep:
768:zB87arT3Qc0jAhJBG7GfRrHZwxFANZW3iu8TBGnfQUjFtI7MTnD6rE1FtPF+niKI:lWaAcCAhJBjfRiDUZWSAfQyF/DGaPFO+
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\Standard.pdf
|
MD5:
8d4a72656d0a538b05e14efb928f0d1b
SHA1:
82bde7d741d2593e7e440ae6350ffb78e45354a2
SHA256:
6785985eef214927c9174e1639c0c852f279ae18aed12d8c82b682e50805790b
SSDeep:
3072:2qaEOkbmi4pDnobVL8cGJBWeNRaPXpPK0WGOC:2AJ4pL8VL8cGJBWePSJD
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV\StandardBusiness.pdf
|
MD5:
2d6f272d94359832c543ff1c6bb0a4db
SHA1:
0a5c67adcb6cf811c63f260bc414dbc97db0aff4
SHA256:
6d93faf2b8469b593f8f440ef1c0d84abac9a97634948c1a814128a3505518f1
SSDeep:
3072:DSqNWGw22t5s/fYTIOFkwAsOTJ0dN9qUJlsnX36Zak:DtnYt2YTNFkwAsC0djqUjsHnk
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\7O5T4vvpVoBLMjvq_ENCRYPTED_BY.WHITEROSE
|
MD5:
db003242a227e4946002e5cb9689b880
SHA1:
2852167cb4deb38b2290f95f924ff7bd0518f855
SHA256:
aafa204eb2918050174c6a188266997ed2b938e91ae34d288c7df414c9bdf95a
SSDeep:
1536:Dnq6dvnwah6qX2N2NAiFS5PFeaE4Pjh7kwSW2pHtf0FBlhXiuB1z2nJ+R1Dkb8sD:rq6d/wah6qXs2NLo5MaE4Lu9W2z0Ff9g
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\bGLE2tUdk2BP2Aew_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\BXQoTR27qMXNywxi_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\SEELacg7F67ZxvV2_ENCRYPTED_BY.WHITEROSE
|
MD5:
8d4a72656d0a538b05e14efb928f0d1b
SHA1:
82bde7d741d2593e7e440ae6350ffb78e45354a2
SHA256:
6785985eef214927c9174e1639c0c852f279ae18aed12d8c82b682e50805790b
SSDeep:
3072:2qaEOkbmi4pDnobVL8cGJBWeNRaPXpPK0WGOC:2AJ4pL8VL8cGJBWePSJD
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\W9nU7iDTAPWi8ud7_ENCRYPTED_BY.WHITEROSE
|
MD5:
491e33db9ad70f33d2d00b0352d02bb9
SHA1:
51d9358b4cb775cd3f882dc2186205a4342ec46d
SHA256:
4a06d1434b3211b8dca3a747b8e2a05af00b44045619e5201899d3d3fe05741e
SSDeep:
768:zB87arT3Qc0jAhJBG7GfRrHZwxFANZW3iu8TBGnfQUjFtI7MTnD6rE1FtPF+niKI:lWaAcCAhJBjfRiDUZWSAfQyF/DGaPFO+
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN\xt9fYMEiv28tZydd_ENCRYPTED_BY.WHITEROSE
|
MD5:
6a2b11b009e00614065cb6ed401366d1
SHA1:
64bbaae58fefac18974c33c535bddf6c485545ca
SHA256:
3dd3bc4b33a5137a66b0cb877e0d07a04422ac347da6ec880e70ce18514369d7
SSDeep:
768:4nPOhw4qoIA/mpl65fRqx/Qb+dOYnvSe6GWSkX1tj8LRfwAIN2tsFr:NwHY/mpl6qdgDX1tjSRI/WYr
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA\9RiiGmU2dplfTz71_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA\MGLNtVid5lmKkBpc_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA\Zjw2kFZiuQ5x95up_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\AdlY6NMf268itrSo_ENCRYPTED_BY.WHITEROSE
|
MD5:
99b03b0a42919a4d6af94bdcf6871aff
SHA1:
bfd934936616b4641c842cddc959bb95cda14d50
SHA256:
ba339e1aeb7615e35cade18091ceab95acf700818e9f567fb0d330707b74d74c
SSDeep:
768:sFN5iYtAk/60Rgg4mgRWhpjrtBhMwV353ySwX6V9nL7/SXTezOatpCNQpmNvRv:sEYty0ujCpvtBhDVBBDSXTLLv5
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\Hanko.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\QNKI1Z4AMfMOmxTQ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\StandardBusiness.pdf
|
MD5:
3cadb28dc7e47dc9e320c7c4638dc8c2
SHA1:
ca8f38ce2c256df893783dfb534eb3695fedebf5
SHA256:
5ce6b8a4fba2fdfa1f97daf3810313ac493caf23172be857735f96e967bba4a2
SSDeep:
3072:Xy++zJ/MHQwmoY2xlsPr76ExCONSu2oX3J2:XyzSw5L2xlsPJNxzQ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN\wFsDqoPpUdyOVPMC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\84DF0Z68CCNAPRFo_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\Hanko.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\Ion32s7xxNYLGVEw_ENCRYPTED_BY.WHITEROSE
|
MD5:
d98e39ce16c1a1222a14a2a60f259bb8
SHA1:
d3bd809296c0af8af5c9bf53d2c00cbede22fb2f
SHA256:
1e99f81e0381c7c84c9085d0e3f5d28da331e7347cf1c9b0b06357fd15c58a26
SSDeep:
3072:D5DJoou1gAG7TOIPtYkQfVDf2kWXMDzmAj8tAkVnSrG161a0XxI:9DY1g/XQfVDOk9DJYtBVnSrGrZ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\Rn5JuueIFjoTX8Sg_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\SignHere.pdf
|
MD5:
49b1709c0817a8e86a70b95326f9626f
SHA1:
efbb98c18fb303fc5e02c37188a4ef829ba4b607
SHA256:
20256a6b86e716d87a8eb891f7e29a750de22fcbd0c5c6bcc54445db364eec5f
SSDeep:
1536:oN+sQZchAMG++T3XmmNUVgaL7P5e4z1vw:okZTi+L9NUKaL7Pck1vw
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD\BmLzqYMUvbzXxkfG_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD\jicZKAUt532w3i4v_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD\sPZg7hQbNCieNOE7_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR\EtKuX3wgd712AfJi_ENCRYPTED_BY.WHITEROSE
|
MD5:
f81280fabe8f13f22ff2da752bd0e2e3
SHA1:
1770517f83094b5f87ec4a65ef811f406a012ee5
SHA256:
3e70ed45cc8d24a82f218ae920d9039934b219e3cc9004066b68c1c78ca79937
SSDeep:
1536:Et/6t//5R5Il7txPqP3EW3MwA/xyXq2F73lZPFBnd:EAt//5Uvh23d3fAgFRZPN
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR\llronrj6m4L20yD7_ENCRYPTED_BY.WHITEROSE
|
MD5:
9ed8ec29393fa98d8e10358a04a7fcae
SHA1:
97db53e27df72bdfc284666ebfdaba776a3f9a19
SHA256:
02f393414ebb564d6d864d08852ee3e586073ca847b5f9b8bf380f591c4c9827
SSDeep:
768:UsDrY/VdbPMeMzQRhxAfxorQc/5dokqDFYOFpOfGEoeJU+LgeDMXt:UsDrwXbKUGWDqDPFpwXJU+LzU
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR\yvRwfJyoCngNnmdv_ENCRYPTED_BY.WHITEROSE
|
MD5:
299a6e63d8eaaf63ff0af4cac9008f04
SHA1:
2830f5ea785ce1b15bc80be9d1f08f527c02abe6
SHA256:
8bbf3d7878ee63ebb4f558e8029af78d2f729135b1e2136fc6d313f102c29db7
SSDeep:
1536:IyTB3t8Yn12Nh+f5Bzy31bSf4ssP2cKLFjiAYgsnd8/18rFI:vd9hnkOzy31mf4W/RUgsq/18S
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\A7axKfKwvrSSYVcW_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\DF6RoEHmCiqlwxiI_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\Dynamic.pdf
|
MD5:
88bc519e3d2cd9006695381fad5a35dd
SHA1:
149c42b480dc725901962d53e3a9b5d86b1862cc
SHA256:
005978206f86d55c76c7f0ece115c87b815d588775d31ba2c4d7d17719cfd0dd
SSDeep:
768:wYR/JDvQ9X00GmwwFzJpnamsBME1EIcegESnMcyAzI4mm:wY7UPzeJME1EVEidyUJ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\EzUGGk8jqbIbyUw1_ENCRYPTED_BY.WHITEROSE
|
MD5:
a3e717bbf50cde98dfadd27abcab621e
SHA1:
7af35a08ce5408c7920b588fb434a163d890716e
SHA256:
54502ab5b6dec993db914904da242ac7c9dee3d3186e909714a38845bcad4673
SSDeep:
768:/1YMIWiYbbTdM1B7njXcocIA7AM5eQdBODe7FJ4dfdfca42fH:CMIhYbgZjsoxQ/5lyDoFJ4dlfZVH
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\kwNMP5ubLfcl6Pbu_ENCRYPTED_BY.WHITEROSE
|
MD5:
d38ae00d54a4095c0b13a1bc1066fe38
SHA1:
714566ef13ea39e675fec49cb88cb371cd6a2f2d
SHA256:
0b2004ed36979826bcd3037caa59880f0408cf853ea005c5107c43d86348f070
SSDeep:
1536:b1nI1misM5k+h4KwmCUry87oTAYHrZ1ZRAaWMqob7HAhlg5UYM:Z/isCk+hvd7GAe1ZRRIofAhlQUv
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL\TdtCjPXInt8SpDj0_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB\Dynamic.pdf
|
MD5:
5bc3062f92ff5830a85a46eddd37f775
SHA1:
d7e6102ba7606d196c822eb4a2c139dd9d741d31
SHA256:
fdcd699ada645a95d516e71839e924e3b85477cacf8e2bee04048e5d66d0c9ec
SSDeep:
1536:LDT7yYFcMORQz32MIbrAhR3/ZxyUnoqe7Kf8bvk:3T7vcGLkbcPPZTnde7Nvk
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB\TSJpVNkhaDGCSBuH_ENCRYPTED_BY.WHITEROSE
|
MD5:
29cb6083d002658deb38aa8f0746064c
SHA1:
99752a98e8af1b32e821fb6f8ccfd5edf06bc0d9
SHA256:
082605726f3384febda6f23497d3a68fc30cfb948ce998f4384e344b88d806f5
SSDeep:
768:ZVuKWANDHK49JXyxoq0Ydezd/10i8FRymvWXyBTkki:eiDHKGJXyCqRA1SimvZBTRi
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB\WqCJzci9hue8qcAt_ENCRYPTED_BY.WHITEROSE
|
MD5:
9e0e66c7f52d70b10231c64ae3d23f27
SHA1:
71925e615414308a854970cdb1ef3ab0ec44ce9c
SHA256:
b045f59f90c55744526078f9c08e77e76be4429a2c37cc7aefbf5691f46230b6
SSDeep:
3072:nfQUOQ5S3Ymx2W5LFo6hPLsnS/1LZWbKzjnYsv:gQAX5Jo6hgnS4KzjY2
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB\xHbUImJv2zI9jDNU_ENCRYPTED_BY.WHITEROSE
|
MD5:
5bc3062f92ff5830a85a46eddd37f775
SHA1:
d7e6102ba7606d196c822eb4a2c139dd9d741d31
SHA256:
fdcd699ada645a95d516e71839e924e3b85477cacf8e2bee04048e5d66d0c9ec
SSDeep:
1536:LDT7yYFcMORQz32MIbrAhR3/ZxyUnoqe7Kf8bvk:3T7vcGLkbcPPZTnde7Nvk
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\M12DXPXtL2GyDkLA_ENCRYPTED_BY.WHITEROSE
|
MD5:
8d4a72656d0a538b05e14efb928f0d1b
SHA1:
82bde7d741d2593e7e440ae6350ffb78e45354a2
SHA256:
6785985eef214927c9174e1639c0c852f279ae18aed12d8c82b682e50805790b
SSDeep:
3072:2qaEOkbmi4pDnobVL8cGJBWeNRaPXpPK0WGOC:2AJ4pL8VL8cGJBWePSJD
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\Po1gZIYvfSRihCaC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\Pointers.pdf
|
MD5:
491e33db9ad70f33d2d00b0352d02bb9
SHA1:
51d9358b4cb775cd3f882dc2186205a4342ec46d
SHA256:
4a06d1434b3211b8dca3a747b8e2a05af00b44045619e5201899d3d3fe05741e
SSDeep:
768:zB87arT3Qc0jAhJBG7GfRrHZwxFANZW3iu8TBGnfQUjFtI7MTnD6rE1FtPF+niKI:lWaAcCAhJBjfRiDUZWSAfQyF/DGaPFO+
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\S45MmqvozQ9XOS47_ENCRYPTED_BY.WHITEROSE
|
MD5:
900749b1d85b52cb28260f3dcf6a75d7
SHA1:
55474e2c8797b373bd006fa7880d2f9866a03d59
SHA256:
dc880052c2ca4a1d9378f7def85aab52adeda2874024e4a4d9d5cb7d2b697a7b
SSDeep:
3072:39qWu5GvMMy5YDonUG1PlJC7oIJccH5M3YL0EgKsCb09DjbBChynjhVVVFC55h4:g5GvdqYDov1bQoIG4AYoAsZFbBTnjFVF
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\SignHere.pdf
|
MD5:
8f28c53157562d7f572dceac72f5425a
SHA1:
52648e35e9919cbfca605035c478033d2d9796dd
SHA256:
4c3c424156ad511b0f47e735304a7047cbc691e5acb775327811c4556c518be5
SSDeep:
1536:H4D3LUs7j3VdkMqlC4aR3AkdqejhdmM7SpxIu:Rs7j3VKMqlC4aRrbjh4WSpx7
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM\SYTAD8VlnJpNQego_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\hj0weODgFAtWmOlS_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\ilnWSF4RXBdqt5Wr_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\OGvPaEJERa2ObxwJ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\SignHere.pdf
|
MD5:
36ffef22efefe66e8867a78b84508aeb
SHA1:
1452b0f52149b260e2477ebc22d0f371129bbfd2
SHA256:
79a07071cb017517c67f0bea0c11b6bb9068879cbcc085b01a3c8b6263d830b1
SSDeep:
768:A2I2ikLZGP34YLydWKIi7HG6TaiVwhEA9//5LvQBfKxpAKDSDNOC:rHg4YLydvIWeiiVIBfKFSR
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\VI9iK05hTNpBk9Vz_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS\YaQrFdq6OyeVV7eE_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\2QUX4WYY8vwzrl89_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\4T0mGNnzpwg6xBII_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\Faces.pdf
|
MD5:
a3e717bbf50cde98dfadd27abcab621e
SHA1:
7af35a08ce5408c7920b588fb434a163d890716e
SHA256:
54502ab5b6dec993db914904da242ac7c9dee3d3186e909714a38845bcad4673
SSDeep:
768:/1YMIWiYbbTdM1B7njXcocIA7AM5eQdBODe7FJ4dfdfca42fH:CMIhYbgZjsoxQ/5lyDoFJ4dlfZVH
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\g4yuy6BTFQMQNpi9_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\IICStlLMfshzZD2V_ENCRYPTED_BY.WHITEROSE
|
MD5:
a3e717bbf50cde98dfadd27abcab621e
SHA1:
7af35a08ce5408c7920b588fb434a163d890716e
SHA256:
54502ab5b6dec993db914904da242ac7c9dee3d3186e909714a38845bcad4673
SSDeep:
768:/1YMIWiYbbTdM1B7njXcocIA7AM5eQdBODe7FJ4dfdfca42fH:CMIhYbgZjsoxQ/5lyDoFJ4dlfZVH
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\NjLCLC8dEkAyEvHg_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY\StandardBusiness.pdf
|
MD5:
a91125e58ece9faec1b7c51ccb7379f8
SHA1:
71bc12616bb1a4ec3168934e8c2411aa17ce97c5
SHA256:
285437fd69e65010435920a3f6e7bfbe35555bc16cf2dac6a0788e9ac23e6b13
SSDeep:
1536:xh06zzuG3mQH5VgkAxqOT9Qq/zDLleDeXRby5ia/5Ch0BHLmJWJCzDBFsGMgM5yc:xh06zztmQH5Kk9OZbl6Jia/ECrpJCs73
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\ALaADa2cpXCWPHnL_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\HTXfWZWTEFJUWVzj_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\P5ZjSDeaaoAm0ols_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\QqJxhFRBme2CGqaU_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\uTsPFcDn2kBSAqFF_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV\wWHei53ZillmHGfe_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO\Dynamic.pdf
|
MD5:
36e354b880d827589b81d915a846bea5
SHA1:
2d47210990d27e9920d39b7d144037e908eb6c0b
SHA256:
26a15d579f858ca56ccb8a4bb73cc90f1ccf315ccd1a0538cce5e7c48577fa27
SSDeep:
1536:zS/GAcZU9cgYuzXIFEtY9z2BYIwIsNOmIHqTvus:zSqK9fOEt8zxOmsPs
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO\K78malgiyFR0WuQE_ENCRYPTED_BY.WHITEROSE
|
MD5:
36e354b880d827589b81d915a846bea5
SHA1:
2d47210990d27e9920d39b7d144037e908eb6c0b
SHA256:
26a15d579f858ca56ccb8a4bb73cc90f1ccf315ccd1a0538cce5e7c48577fa27
SSDeep:
1536:zS/GAcZU9cgYuzXIFEtY9z2BYIwIsNOmIHqTvus:zSqK9fOEt8zxOmsPs
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO\M0lMOcFURGCD4Kqd_ENCRYPTED_BY.WHITEROSE
|
MD5:
688b0670a3120467e6b6c16f087a79f4
SHA1:
98b6cc2998fc54319dd884e87530e467032c94c7
SHA256:
7498d835d5b17d1d59a7572f39a9c5352030b1bf037b91e054c4d1b8b53f7eea
SSDeep:
1536:CYwTzeLL4EJfXP7SN1giEGjnmpZzlCG4FBPSG4SRYh2TdfyeRRI3CC4Z4GaPKP:6Tz6RP7SN+iEGjmpZr4j4A+2ZfVRI3Cx
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO\qYPgBM49HDD9uMKq_ENCRYPTED_BY.WHITEROSE
|
MD5:
1883da107317622058732ebc1cb22ba2
SHA1:
2d47348c91530fcc427ce7b8a79f7a6d6727317d
SHA256:
eed1df1aa6c06c3b612e3dca35962fa2fe681878b2f79f1dbc033dc1b6defbd9
SSDeep:
768:tlEfQKhvAvDSqSlH2x4Zr22Don+4n0b8UyMI+:toQDvNSV2x4Zr22s+m1UtT
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO\SignHere.pdf
|
MD5:
1883da107317622058732ebc1cb22ba2
SHA1:
2d47348c91530fcc427ce7b8a79f7a6d6727317d
SHA256:
eed1df1aa6c06c3b612e3dca35962fa2fe681878b2f79f1dbc033dc1b6defbd9
SSDeep:
768:tlEfQKhvAvDSqSlH2x4Zr22Don+4n0b8UyMI+:toQDvNSV2x4Zr22s+m1UtT
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE\aoqvGANMXrXBBGJ1_ENCRYPTED_BY.WHITEROSE
|
MD5:
1a0a94239f763cdf347307b504c968be
SHA1:
a6f2b7c1eb1a8b04933a6eee6ccdec0701ec909a
SHA256:
6aaeb36e7f5f63f22cb1965cce9c83ef97901b397e4d6930a2d5c3412dc2beb3
SSDeep:
1536:8F1hB+Jz1xFv6miZaZ9OGSZs7HLMV2tajZuW950HBcA/0os:81Byvv6faObK7HwsUjZbCR/0os
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE\Sg9q82AA6oJB0YCM_ENCRYPTED_BY.WHITEROSE
|
MD5:
6c49f301838e38819320c3ca5eeb11e7
SHA1:
6a1b37915c91cffbe1745fa46d49e3a36178d98d
SHA256:
bfa0c40d94cb0912f2e06177807fd85061d5b1186f41148706ebe6868dcef4e5
SSDeep:
768:KDUmwLxJ+Kk1GsSHjP2jPWLrghhJnAMR2ky/k/OkATwOX39DDZdWXe2AwG4h3TdW:IUJ4KkZU2j+IhhFDR/ySOf8O/dWX64hc
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE\z0QlxqmpdluBHfwz_ENCRYPTED_BY.WHITEROSE
|
MD5:
f669538170e4ea7519691025b1eb728d
SHA1:
b8587a748ed0affa4f89d4821125e775c4a57d42
SHA256:
88e24611db379dd38193b38a7f4cc051eda9ffc0928962aef4310c623c8147fd
SSDeep:
1536:nEBsA+xCJVKmaapVanpx0uH7rXgkqQpoAuvNMwz+CblKTZvr6O4NeOnGPo319Ldw:nQsLEYmaazcx0kgXQuvNTblKdj1sgN
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\Faces.pdf
|
MD5:
a3e717bbf50cde98dfadd27abcab621e
SHA1:
7af35a08ce5408c7920b588fb434a163d890716e
SHA256:
54502ab5b6dec993db914904da242ac7c9dee3d3186e909714a38845bcad4673
SSDeep:
768:/1YMIWiYbbTdM1B7njXcocIA7AM5eQdBODe7FJ4dfdfca42fH:CMIhYbgZjsoxQ/5lyDoFJ4dlfZVH
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\FmObzxS0EajJM8uP_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\LkG0gPQ2fT4YZ21D_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\Pointers.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\qB54bKqHuMcSWJVZ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\SmiCQjaEhurL8Bpt_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\Standard.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR\Yu7g096kvcyKdPA3_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\4EiBh3eiv9Jim2Ff_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\cNU1nAiifEwaxwyJ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\Dynamic.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\Faces.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\IVHwdWPZL2TdkJAB_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\Pointers.pdf
|
MD5:
491e33db9ad70f33d2d00b0352d02bb9
SHA1:
51d9358b4cb775cd3f882dc2186205a4342ec46d
SHA256:
4a06d1434b3211b8dca3a747b8e2a05af00b44045619e5201899d3d3fe05741e
SSDeep:
768:zB87arT3Qc0jAhJBG7GfRrHZwxFANZW3iu8TBGnfQUjFtI7MTnD6rE1FtPF+niKI:lWaAcCAhJBjfRiDUZWSAfQyF/DGaPFO+
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\SignHere.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\Standard.pdf
|
MD5:
8d4a72656d0a538b05e14efb928f0d1b
SHA1:
82bde7d741d2593e7e440ae6350ffb78e45354a2
SHA256:
6785985eef214927c9174e1639c0c852f279ae18aed12d8c82b682e50805790b
SSDeep:
3072:2qaEOkbmi4pDnobVL8cGJBWeNRaPXpPK0WGOC:2AJ4pL8VL8cGJBWePSJD
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\StandardBusiness.pdf
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR\YAfsSqFnIjgUbsnK_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\Words.pdf
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\Yf9WgwskGyiuZVau_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\2ejZf0cg2gyyIIfd_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\Flash.SUO
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\lpRtrAP5ajx5gGX2_ENCRYPTED_BY.WHITEROSE
|
MD5:
6cbe210b835aee7a797876bffc35d1e1
SHA1:
0654fecb1c2ecb8c4bd2a1a43b78a9daad10157c
SHA256:
a8378b3a6917f887eda5df12a3dd7e3137f754e7a02cf17e967e1aa3985aeb1b
SSDeep:
192:GL7rBbhBCnm+W0gwddef5b6v/nV6Fa2/tDiZ5Ye:87rdCm+WN5b6XU3ZiZ+e
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\Mcimpp.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\QuickTime.SUO
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.SUO
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\XMBQj5Qt8vIe9KW0_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_CZE\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_HRV\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_HUN\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_POL\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_RUM\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_RUS\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_SKY\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_SLV\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_TUR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_UKR\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\pmd.cer
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\RTC.der
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\XjGqbID1IyzPC5k1_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\SPPlugins\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\1QzweS0avTC4DOx1_ENCRYPTED_BY.WHITEROSE
|
MD5:
efc12431a6ed9294305b0ed1173496ed
SHA1:
be97cf3acc4f9f0eb57226cca0dfa459d79347bf
SHA256:
2dda163e7eaa1e0b7c17a6b3ff3d05194fb3374e53750fc9b0c56930fd9a86b3
SSDeep:
24:7D5JbARL0voWiL5Wwe911EKxkboTWkcElfcXOHxOD/cGcE:/5KLlWiLMpOM2EhcXO1E
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\3GYp6dRad4k37kZT_ENCRYPTED_BY.WHITEROSE
|
MD5:
a3d1aa6ea96f9dda8f8978e49900343f
SHA1:
f350925ef62d2333988f51c719c08b6263c74bcf
SHA256:
d94015588b43a88f7ae40dd01addc3950c240fc69c7572dbe6cae0e3787f2d36
SSDeep:
24:JSaNbzR7QUJQ7bu0PW3MaH8JiAOsrP+1Tv4o8JFWWhs9BUOcHogeBNrpgL:QaNtQQQ7buKZYAOe+1TvsNKyOL3c
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\3VOatY1r8qTNgV2l_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\44IDtftBqTLhEnOk_ENCRYPTED_BY.WHITEROSE
|
MD5:
70f4fd5eedf329e57d122086adb5cec8
SHA1:
e27e9a5341d5d3e9bc17d28ecf93ac9e2b64edf6
SHA256:
18542ede2d0a193c06dca8beac9fc6abf23b3a49a712feaaf312ca04383ecf54
SSDeep:
24:Ls5uJKnU2z1iGQgkpuLkCUKR4Pz3cl+Kwiuns2S6yRJNQoZMjWSA403WGDXeVpMV:Lssf2BxQEkBKocl+KwJvyhCpAbWYXe2R
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\4XyrLWTydN38GJ2D_ENCRYPTED_BY.WHITEROSE
|
MD5:
b9f84e619b04593ad2880582334b9a86
SHA1:
945fab9de6f950ba820ae43f0c9cc55d41e96a90
SHA256:
452f25783ace2a387255deee42d15d6bd67a777eb72e8e56d486795cf74991bb
SSDeep:
24:BY5dwEihiJVybK7COKodkVT8pl0A3chx+A3cZBqC838kY1hHDu71e/aqeKrR74sf:ecE0ZyKipGAshxncZq1QhjK1ucshiaf/
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\9mQFeGyn4OjAHSyh_ENCRYPTED_BY.WHITEROSE
|
MD5:
432356a0ab056b4f2cc46d5f0faf4c70
SHA1:
ece9658f59701f5ea2d0ed5e994d45d7926f2e20
SHA256:
4f54cd6cf90667325d807c468b7625d3515cba5b98ebfe4d4aaec52d17b8ac19
SSDeep:
12:+yvCyHsVUmbDbk9MdD7Ss0Uvka2mV071pUr8MDxwCusZ3xrX8ws/an:+yvx8UCbf17SQZ28071p2FwCusrvs/a
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\add_reviewer.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\AgKOyHQywOm66Hiy_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\AnEfzZkHQgeyr07x_ENCRYPTED_BY.WHITEROSE
|
MD5:
f45e7a1228b18815c7908ea301a8bf6e
SHA1:
33c3e6f3118c024acc1652134af34d3c1082bb0b
SHA256:
f99eb7126f1ee97db572b5f54a0b0c722705c7c71c6cc747a660cf12db363ba2
SSDeep:
24:v2d2/KglozurWAj8BJK5m5bL5mFVW/+aZ8NgsHHaJjq:k2VloKrVi/YVW2aZsgsH6Jjq
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\bl.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\br.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\create_form.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\distribute_form.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\DnJJ5LBVeIM08DNa_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\email_all.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\email_initiator.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\end_review.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\ended_review_or_form.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\f7dilgeLmLnzwJCL_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\form_responses.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\forms_distributed.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\forms_received.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\forms_super.gif
|
MD5:
41c18856136df2d70ab74d7f7bd591a1
SHA1:
0b3d5cc1493983cde3c58234ed971883355842fd
SHA256:
2dd7bd1a84b4ba3e7c09c2f7db9732a59d47c874d38f5de3645c0b92f01cdf67
SSDeep:
24:uGon27SeiLwMuVnHC6AY59snTznI3XlAr:uGonrh8Muti6X9WaXc
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\HKhGgxnFXnUiJYjy_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\iC8ooqJWa6qNxtOM_ENCRYPTED_BY.WHITEROSE
|
MD5:
c888f4d5c927700a2f051f9149e0005a
SHA1:
c2895ab07bb394a7e6176484d25b0b71d5c5c409
SHA256:
4cd6a7723753d8877df5372dfa89ee444a3dae122c585be641773a00c779ec64
SSDeep:
12:qjy8LX0WI/irzCcJ5y4XjGwtW0BEb2F4AcTbiB:q9IH/IzCQFXSEWki2F+CB
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\IM3XyugL5J5C9MkQ_ENCRYPTED_BY.WHITEROSE
|
MD5:
fb48d99e48d1ddcd25deccaaec781095
SHA1:
f85abedfcaa4853089d9bd93a1b7da2dce12946a
SHA256:
a0ced1451f5374d1bf604f7a00c89ad9d3fd0b5e61124aa2b967afd313b62f7e
SSDeep:
48:l5lkYkNKpOOxyudgffiGoMDGQWaaNaLCS/ejv/jC1z:RvkNK1dgffilMDGZQCS2jv/W1z
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\info.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\ISb0hOROgQMM7p8x_ENCRYPTED_BY.WHITEROSE
|
MD5:
2ebd49b40f49bc2cc901f19a9007a335
SHA1:
fdc34e8c814433e86d2304efed1972c06b12af30
SHA256:
b92026445fc4d22ee9dee69e7c1b433f013cc4d75abea73e123c77cf75e75ee8
SSDeep:
12:T1xO1kNa80AeiLcrnjCk6kUQ5cJ8MjqimgSuMBJkHfw9E3vqFFB+GgrCDXGWO7/0:X0kI8re5rnrUT5mgBMD3IauSNO7HFGH
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\J8LVmhrwX4YB0Wgw_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\JVqyUFgpyQwgcFH8_ENCRYPTED_BY.WHITEROSE
|
MD5:
e3dba1c02da91c9f3a7b7dfab905e8cf
SHA1:
3e70428687effbfb952a7b17c97275b2f3cad879
SHA256:
53d14ab4fe71329a624927223dcd35c5bec0ea9768dd4e4eb5e90634edd34db9
SSDeep:
6:dHGAD7Kjyy7ORTjArUilp6+KquOymR8HO5AXrl8C2lu2ALfQMSjfH8E0/htKx892:NGMKjyLYOpUH+7/Cw4j8E0JUyu/n
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\M3ptqJ2MgLWleAbK_ENCRYPTED_BY.WHITEROSE
|
MD5:
0fc383380d5de9bdbc8275f560a2d0ff
SHA1:
f36d1bb1d7f16788ef444473014676cc7ce6d31a
SHA256:
91860245745ed0ee99fd985738cdf8d2d6dd1f424c37f49aa88af49047d19489
SSDeep:
6:nlLnS1lLSxNiZl4qCq6kXqAEyilHY4d5jvQ+jvrYSBLogtXn:nRSnCQq+CAEyil4Yjv/o4Fn
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\main.css
|
MD5:
79ba6b02e91119adeaac1c184ec969fe
SHA1:
915e22e747880cd994b9c057e5c66382708b5c33
SHA256:
c4dd0e5b94d4d79a30be966e404f5abca600a4d216b5833d95eefc2d0f94ed08
SSDeep:
192:CWDLdsp9/iFA5j7shkVujJnA4Y69KeB7uJo/DSdPwDBuz8WvLSkGletxJr8uvPU:rdspltF7Ik85B9KW6GOPw9uz8wMlwxty
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\mlpy2e987AYcHRaA_ENCRYPTED_BY.WHITEROSE
|
MD5:
35a915df543af35700a33f0e574d8f18
SHA1:
551b109f0011c34e902f001bd5b4b8f0743a44b9
SHA256:
432822a530580e8a8ec50c51d8362b57460261fb177c1632039e09b1e2fc15e5
SSDeep:
24:Vn9Ert2MqWdJmVMUayEIMvDdo5gZKTl469+n+UY+w+KSWKXJfg11CP/es5I7V7:YwC3UapJvDdo5gZKTl4c+n9nw+7XC1mq
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\MUv2prxDYi5RS0oL_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\open_original_form.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\pdf.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\Qh5YBdjnGXb2ttV0_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\qVjTFD7XcrwHfsgm_ENCRYPTED_BY.WHITEROSE
|
MD5:
288029f4da1467e751a1e718812a91f5
SHA1:
7ced70f0a91bdb16c7e47d53efdab8409486bc3a
SHA256:
eee2753223291c14db1e840327fdaf1de39acd2f817ab920be7748fc577bbe33
SSDeep:
24:V0/qrDK6bqsd27etImJ7rv1YZofAWcJqE0jMP:V0/KDKQ07eSwvqOUJx0jMP
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\review_browser.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\review_email.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\review_same_reviewers.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\review_shared.gif
|
MD5:
56a912a3ce060388f665f885ed7f79f5
SHA1:
01c44ccd68d8867b057914e36264af3d1834bc17
SHA256:
6a56dd494c41c11b17b9ddeef8422f29b8c75476467c1e845c53ee859c04e482
SSDeep:
48:F02psyYPdUfMaZv5qBAJ8aQ0AFnG5aZs0:4dUfVh58f0AJG5Ms0
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\reviewers.gif
|
MD5:
e40018336d42ccacc2def6dd67d97bc1
SHA1:
04909190f24a2ef376aded1f0810355cbe66c9b1
SHA256:
4aa82b8e33b54d753c195995d75e3bbd6bcc4d1e8835355d1adb3abcfd1336ff
SSDeep:
48:OUh/WCPZgwiYMcm1Duiw2T+ZATDvNQcF0/Z51:jNScgDTTOmKcF0Rz
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\reviews_joined.gif
|
MD5:
0945ba59f10ff9cae3ce216287884ed8
SHA1:
f79ce3b5e8c11a5da85e1657f17674d6d1f834b6
SHA256:
910b7abea33070021c304df95ba1719aaef65052cd24e772810a5d2e0cb8fab1
SSDeep:
24:/Y61+7OSbIhLUzy6Z7Qd5J1XZ+PqiqNYT8Cnl5SDXQAifZW:/N4Mhgzgd5J1XstTNnyDgdW
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\reviews_sent.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\reviews_super.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\RjNeUbctNjkkThWq_ENCRYPTED_BY.WHITEROSE
|
MD5:
e12a68a3ae12a9ed083fc4ee19f3f4f8
SHA1:
3db9aad606850f7af299b20288b5ef763248ec0c
SHA256:
cc55f12253f462a473052d85299aef36f399d39752002905eb96e979191a1fa7
SSDeep:
24:NwWKb+kVnb89MG/woS+j1+ImXzvK+wfJbTaT+v0F0nwv6r+z6PRP9g1HAQu35AVu:iWKbJg9M8wojhOzwxyTaGmPRP9iHg4u
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\rJZvc2VQOe6mjbHY_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\rRTYdho18HYQGDuX_ENCRYPTED_BY.WHITEROSE
|
MD5:
9033707f9db58092f3dea26b1ab729ef
SHA1:
61bd3bc8555e3498cfd2babde6bac5fa684b7c9b
SHA256:
9eb59bfeee380d11cf6ec546aae0946e224420712a31b68eec1b55feedc69291
SSDeep:
24:YtJaA5cfdLDDbdNLvb4rWEFQ92wgEN6b5lYvvYPyunIw2K6zIN0cH:xAGlx94WH92pbX2vYaYIFK6e0s
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\rss.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\server_issue.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\server_lg.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\server_ok.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\stop_collection_data.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\submission_history.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\tl.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\tr.gif
|
MD5:
4bfd00b9f05eac9535ebbd35aee03073
SHA1:
f4ea5a28b27ddab40d916d9489f7f2996e1c3bc3
SHA256:
341ad0c017f2021f8278fa75c01da20d5fea0cf27d7baf38e1e30f34621f64b7
SSDeep:
6:nlLnS1mZK+0hJ2zZS/H/LJT2emHmaDk5CFuD/JINtuGICgqVyj0Y52x:nRS6K+62zwV6tnw/JGJ13N5x
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\trash.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\turnOffNotificationInAcrobat.gif
|
MD5:
34c40e07aa1348961e93ced715207d89
SHA1:
d0ad2fff83546975b6675e264d2cff3a407a37f4
SHA256:
3a2a1b206d94cd4501be9bc6822e98fd85e13dc75cf96a30d1d500100e74e4f9
SSDeep:
24:SM5GsiYVJOrtrUhONAKmeBSd/w1RH/OXFdJ05E8F:z5J6RUhfKmekRGkFz05E8F
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\turnOffNotificationInTray.gif
|
MD5:
2fbd5aa307aa894b616aa7f04a008939
SHA1:
2022426ba10cd721fff6e73cd09d7345700655ab
SHA256:
980cfaea6541eccb54d93d16c5c04bc45f093825e9184b46310ef5323e64f19d
SSDeep:
24:+fdrPdiFEUG5c3X/vtz8U2/E77s/G91FqKWoXyezZAadOJHIDpKlsUPfIMePx:MffUX/vq/E3MAXXyezZAa4TlsIf7mx
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\turnOnNotificationInAcrobat.gif
|
MD5:
f96ad452eff4af3c700f5ece8212dc2f
SHA1:
5bf1c29e6638ab4e85a284bdc7a920d654af3e93
SHA256:
4c4c7136d0a0f969a3f34c004abde60f8e2aef2efcd6584fd480682e8b6e66f7
SSDeep:
24:SM5XKVdP6y1TGbVZasjhGTPJ9sMBFPcvhl7EcIAPxn+lM/i6n:zXKSucn8J91zPcBBJnsW
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\turnOnNotificationInTray.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\tznp4lDQwoOlMI0R_ENCRYPTED_BY.WHITEROSE
|
MD5:
38f2e2e843636a6c00584106ecbaaf66
SHA1:
8655897abadf8c8d205c6bf99c45064c907dd334
SHA256:
415855da4293b812b6d93993081abb4de25b1a053f1379bc74cf5b8e3e50da5d
SSDeep:
24:wqRlru5Szkb3A4Tsuj2/H1Ed2RCFDok7lwXPsk4Ln77:wqzOSz+3TseuA2QFtiXPsNr
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\uQXrJ5Fcw0vql8bB_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\VerMXCMJ82j5ZWRE_ENCRYPTED_BY.WHITEROSE
|
MD5:
74fa01e0a3cef639fb01e96a340491e5
SHA1:
612404b5abc4aae92fd84d8d13f66d97fec8f564
SHA256:
0263ec64c80e6ee23953adf3465ce0b958a689e73cceae7839aa45e86838e788
SSDeep:
12:ba4qeGKpmkSV+uDX+pB88tAqnCkoq2AhuVEz3a35Iw7yV/NEIS4OtDVKkHFKcX:m4qF6bSSpB8KAqnCkozAwia6AtDxQcX
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\vZm36eES2fY7q1yS_ENCRYPTED_BY.WHITEROSE
|
MD5:
df0c1a67c8fe27cd17d16b554a3880f9
SHA1:
d2414f4c94023d41991bd4b17833808e0f96e8ff
SHA256:
c6dc8b8a492a3eca9fc089dbb1d11e3f6558730ce06bcf8601c85a6ff9f53454
SSDeep:
24:KTsOqzd0IHVaQMzBqCxYPoKO6sANPPU+ZSC9VBwoPzabiX:KTWdBwywKOlAVPU+ZJPiiX
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\warning.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker\zU1A0Fd9kYXPwFt8_ENCRYPTED_BY.WHITEROSE
|
MD5:
f881b4da00b0af03b517fcbd7774efc8
SHA1:
1ad7c0546240932f73fc7a5df3eda952f1e18b8c
SHA256:
d181ddf32c45c75868bbfcb0542f10ca0402cf2630b4b9466f1a610528534eb4
SSDeep:
24:zYJUcMuNIjMtMfLDYx4/lIaRHJo/RYbrDqeXiV0:zYOruNztUDYx2IaRHJo/IqeXiV0
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\CIDFont\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Access, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\CMap\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\ENUtxt.pdf
|
MD5:
3af081f3b477e696f828b7dc99041c88
SHA1:
b00063a12162a4f332cfa44c52b15b3f3d72a2c6
SHA256:
465050ed646104762b5ebe4a262911f152c38c0421d6087001d6154c88403ec0
SSDeep:
96:MI+AL5pYwtUH+RkZzItyE+8tw9g5RRDLK1gvsu1Me1gZReC00vgHPOvDrW8nRyuC:MIT5pNUEkZYZw9g57mQavggD6Y1bbg
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Font\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Font\PFM\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\0i6jZg3DlrQbjucK_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\1fZyr7ntpEE2VaF7_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\1StdnTGZPYhExCnR_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\1vs3EzvZqXvrRwFW_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\24S5ki9iDCgz0nEU_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\2XISBZxfqwxoaKRc_ENCRYPTED_BY.WHITEROSE
|
MD5:
e7b7e7b0b151c3091ef81eb0325869f1
SHA1:
a8ebfad5d617b7069a5c04baa14581a8769410de
SHA256:
f7bffc45ddfd7c3a65e7c1268570b99763285e5b4a2039726eba5cc2a189654c
SSDeep:
384:+nhHjKi0/ZpbIcZHd1ztlHJAZseGBs1JZGfQv4kQ//nmeUtQEG4vmuGKtNRepNha:+nhHgHddtliZw4zGc7+ncf6YENhonSw
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\45lmiZsPxO5Wp9LI_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\4kbmiZ5MKJ9Y8BHW_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\4L8wQ6OAQ0K97opj_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\5S2ZRlhJ0BDBtRci_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\6pq2w6V4lgnILIah_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\8DleqCjxE8t6BNUo_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\8ZZUmp47Rv4FvMGW_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\9IulbthWfcTaBSkP_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\9jkhixBcyCc0sy6d_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\aeDoyVlGgHhlKFqk_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\AmyI8KqQQPoUO74D_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\AN5hLbz1K3hxIveC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\anjYdmTVX18XYCG7_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\AY0HUxbxW5mVwJVx_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\BbclE9fJrCXzSOud_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\BBJUizoUlQQcMeFd_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\bftZHSGZ4ZM5fFAK_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\BgIYbuFzflzgD1Q5_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\BSYvadBuKYDLy79Q_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\c64inf5GZR1kcbSc_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\CmCaBwH5fgWutzKg_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar.txt
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_AE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_BH.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_DZ.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_EG.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_IN.txt
|
MD5:
cd0cf1e997d93b708c906ba72a39d155
SHA1:
06801b614c1b115192a9200ec27928d660eb7635
SHA256:
9bf0273f7e9a929f12a32a605effdf8d86da85ed153b1b30cfbcffd1abb011bd
SSDeep:
384:r2E2PrhOr/rOE3OqF6ewJsZykVeWEszBfgllI+cjy3mZHeDoeRtNwin7nIh6:r+4eE3r1pg1WE4e5cWWZAoeRT7a6
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_IQ.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_JO.txt
|
MD5:
eef6b6a08806930a41da5ab652a15a41
SHA1:
1ea42a622b4bfd9566bc031622ef53c8a7003e5a
SHA256:
3672d8626cc9c1551d5ce18d2dc815f84067759e01bcd0ad68c2d765ddb0b8e1
SSDeep:
384:r2E2PrhOr/rOE3OqF6ewJsZykVeWEszBfgllI+cjy3mZHeDoeRtNwin7nW4:r+4eE3r1pg1WE4e5cWWZAoeRT7T
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_KW.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_LB.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_LY.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_MA.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_OM.txt
|
MD5:
8bd5cc715b0952c5f8dadafbbd5c9f7d
SHA1:
eb82e0dd3f480b53855a97e429e40c32d65b8de0
SHA256:
dd5a519e7a3f97c1bbdf9b3c584bec6a45d0176d874a8da1722f6cbfd07c6d6c
SSDeep:
384:r2E2PrhOr/rOE3OqF6ewJsZykVeWEszBfgllI+cjy3mZHeDoeRtNwin7n1:r+4eE3r1pg1WE4e5cWWZAoeRT71
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_QA.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_SA.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_SD.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_SY.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_TN.txt
|
MD5:
5c3489336d8de592c3b1d5865d19ed51
SHA1:
57290af2be1e8f0daa9e62095981ee7fc1c30a5c
SHA256:
b2fb590b130761a5c5770acfd36d1cf8785c72543e3cf855ab4c6bdd1228d225
SSDeep:
384:r2E2PrhOr/rOE3OqF6ewJsZykVeWEszBfgllI+cjy3mZHeDoeRtNwin7n65i:r+4eE3r1pg1WE4e5cWWZAoeRT70i
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ar_YE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.bg.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.bg_BG.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ca.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ca_ES.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ca_ES_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.cs.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.cs_CZ.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.da.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.da_DK.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.de_CH.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.de_DE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.de_DE_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.el.txt
|
MD5:
6a754a77a6afaa0a1b5652b044da5dfe
SHA1:
6795a3f995e133b388544d0e163da9ad36e35de9
SHA256:
7b295cd10c3c219d52fccfe5c05eecd5b84986e7499771b4835b7ee0a5f278eb
SSDeep:
384:hDLNClxI92L8Ii+r75trAMFBW1oKvjXaxsOcMMQ5dVNXIQ+Y3ccPEicHEMRnu:hDx6uGr7DAtkiI5EYM4Mu
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.el_GR.txt
|
MD5:
8931a9956ec18fddb77b8b76be5126c5
SHA1:
132b9c6ad8886536482765444bc6e60bdbfea58a
SHA256:
5a69f9cb9fbce72a5c2a94133a021dddcb248b48d97a8103cdc433b2e7e2ecdf
SSDeep:
384:hDLNClxI92L8Ii+r75trAMFBW1oKvjXaxsOcMMQ5dVNXIQ+Y3ccPEicHEMRn7:hDx6uGr7DAtkiI5EYM4M7
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.el_GR_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt
|
MD5:
479fea1b8001867f2c48a689a4438625
SHA1:
396dbabe2d0933838298cd345d3cadb85626f884
SHA256:
deb21d068a1aba3d45e9a3b2c40d1820012c9700e11cd5019481d0165625dbc5
SSDeep:
768:zJDHTAoNNzKnZ0r0iUdK5XFDKR4qZiVgZ3rrBEj2DWk:zJDziUy+FDUZm6ray
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt
|
MD5:
ca9358c293fb05d5e0fbc14ab9512df4
SHA1:
02012f7abe2531f38495a96023c2f061e3a8d90b
SHA256:
9dadd08e78f29bc2ef1083e85cdb53782347aa07aa4490ffee807df36ca566bb
SSDeep:
768:zJDHTAoNNzKnZ0r0iUdK5XFDKR4qZiVgZ3rrBEj2DWi:zJDziUy+FDUZm6raQ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es__TRADITIONAL.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_AR.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_BO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_CL.txt
|
MD5:
b566f88a35e094836109835aa1237379
SHA1:
5f663482813242bf38566007892e4ea10314ca4e
SHA256:
9c711a41443ce527eca375140088cc10fd79a9ca67ee96d9201df0613ec5a87c
SSDeep:
384:+nhHjKi0/ZpbIcZHd1ztlHJAZseGBs1JZGfQv4kQ//nmeUtQEG4vmuGKtNRepNhq:+nhHgHddtliZw4zGc7+ncf6YENhonS34
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_CO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_CR.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_DO.txt
|
MD5:
b586c78caac50571dad410e94a6e72d3
SHA1:
43b2fbd32118e13ce3e90b495d712a1531deb587
SHA256:
ec60a72396ddc35f56991c30854ba963ee7f4fd50687eb05431832bef3c9e01b
SSDeep:
384:+nhHjKi0/ZpbIcZHd1ztlHJAZseGBs1JZGfQv4kQ//nmeUtQEG4vmuGKtNRepNho:+nhHgHddtliZw4zGc7+ncf6YENhonSu
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_EC.txt
|
MD5:
ace4b836dad0ee37bd572bff0cd365ac
SHA1:
6ecc48e16561f0e50955a09555a1db5fe2652f2a
SHA256:
ae6cb5d272ee11201c1c5f8e1531c40f41801512a3839ffd72e38eb46333c7b4
SSDeep:
384:+nhHjKi0/ZpbIcZHd1ztlHJAZseGBs1JZGfQv4kQ//nmeUtQEG4vmuGKzbYK5ysh:+nhHgHddtliZw4zGc7+ncf6aYKAs4IB
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_ES.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_ES_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_GT.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_HN.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_MX.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_NI.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_PA.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_PE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_PR.txt
|
MD5:
638dc42106c039bba1ad08bef6aeb462
SHA1:
fbabadf44e0fcfaf0de4fb98006f1f12826901db
SHA256:
de31d03ed1c05d495534fc8c0a60c53d32ff09264e83aec68a2a85073f2e8a79
SSDeep:
384:+nhHjKi0/ZpbIcZHd1ztlHJAZseGBs1JZGfQv4kQ//nmeUtQEG4vmuGKtNRepNhl:+nhHgHddtliZw4zGc7+ncf6YENhonScI
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_PY.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_SV.txt
|
MD5:
3006416fb0cdf94225e99c187bb8e3da
SHA1:
265738ff902845f7779bcb6e206ab3d147a6c2b3
SHA256:
1a0ecde0e04230dcddb02fd7fb0deada6bfa1c0c3b0caa85c1b966c4880ad297
SSDeep:
384:+nhHjKi0/ZpbIcZHd1ztlHJAZseGBs1JZGfQv4kQ//nmeUtQEG4vmuGKtNRepNhp:+nhHgHddtliZw4zGc7+ncf6YENhonSD
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_US.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_UY.txt
|
MD5:
697016b37ce7beeac06baefab8f0a1ff
SHA1:
5b49bca2ab68afe4e90c25cf1e393eae158fadf2
SHA256:
946e768d580562c9ee4dc485842e4c14eb0db2a1784c7dd0f306ffc2d7aa9305
SSDeep:
384:+nhHjKi0/ZpbIcZHd1ztlHJAZseGBs1JZGfQv4kQ//nmeUtQEG4vmuGKtNRepNhh:+nhHgHddtliZw4zGc7+ncf6YENhonS0K
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.es_VE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.et.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.et_EE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.fi.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.fi_FI.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.fi_FI_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.fr_CA.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.fr_FR.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.fr_FR_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.he.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.he_IL.txt
|
MD5:
7114e17f7e1fc4fc2a231ecdf6749a6b
SHA1:
89731e1b829c596b7f4b468458e48a4ae1bd2c62
SHA256:
4a2fa67f0cfbff6662288dae49cf4f320d14b9f5c432168a5a3d0514ec641f30
SSDeep:
384:e3d7avN5+rcGF3A1WRCF3muyeVtzdCZ0eCMCL72dMhUO2bGz44WT1L0JRHq2aqRx:e3cNEQGi1QTC1fL72dMZ2TAVaqR4LfS
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.hr.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.hr_HR.txt
|
MD5:
33467c5dce070b7c9e2e44a1abff564d
SHA1:
866136c33dc4ed06dd978dc454de3bace2111f3e
SHA256:
53cbc7a47a7bd8e12b23590a89a8e14b9317baf346d45c3f5c8c935c7c1c06b0
SSDeep:
768:rcsc6mzd/GHDwBFafOWSrLMpyauySdbCzixlizvPEk:TztjyIfgopypWixlS3
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.hu.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.hu_HU.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.it.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.it_CH.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.it_IT.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.it_IT_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ja.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ja_JP.txt
|
MD5:
a79732032a0ffa67b9229c4e07e11578
SHA1:
945c31ddf29de789b9cf3cda2c5957e2875d1e62
SHA256:
0791511784fcdcae409d4c3db9215d5a9d144a59386cf3ac92c0322904ec7dbd
SSDeep:
384:9wvl76nBK2QGyihD9SWQp/VRaQ9JZMmv9dR3FuISZAx9G2Xh4l6EWZiXsAkIiJsr:9MWnFSM8WQpnaSNx1ud12XA1sa4w
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ja_JP_TRADITIONAL.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ko.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ko_KR.txt
|
MD5:
341ac25721d19c7fa1ebc84fc8046982
SHA1:
a59aa0b9bbe071bbaffaa3c61786d02394b2a308
SHA256:
0206610c1c1329dd9bb8f265a11e712b40571667f7f3e4bced3ac58b921b02d0
SSDeep:
384:IVYjFTh9y1/PXrmEwbKMWBUGxa3u15p70ZNBN4P7B71BM0dpeUwWEYJRi2oNGNk:I4h9a/Pr2bcuieM5p7syl5RLwWEki2oT
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.lt.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.lt_LT.txt
|
MD5:
81567ccce56e01d5a575107137a7e20a
SHA1:
cbafb10ce46495bb66871706de421d914af84287
SHA256:
0343712f91104519b94a566ed5ab2220b8ea9afed1ecf88acb5b24c3c5f23a41
SSDeep:
768:+7U+XEOXmTiLOb44KP2QZCct5dPMxdTWhoZ:+7f0CqiybRKekCcLxMxdTWyZ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.lv.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.lv_LV.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nb.txt
|
MD5:
fe3a561f7507b5170ee18e6eb74ff667
SHA1:
02f40aacefe7c39b60cc46670eadf9e0b66c4a71
SHA256:
2d802ba4fa535d2dd484cf5e3854172beed59e9976c3a9ea5c953d6e10a4c037
SSDeep:
768:BAH1whd0Gz8E/9b3H9ESK1NjgCpCLc2IPBbIF28TK:Bvhd0y8Yb3XK1hgmkcNIg8m
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nb_NO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nl.txt
|
MD5:
7bb0a484fa723ccf93f92c3c249e12ff
SHA1:
d91cb24f90aa75654868242d32fee37fccfb671f
SHA256:
a746e1bcc885d7f97cfac19081c20579f7a0ce1e8d4de182ef8d0e735cec6fae
SSDeep:
768:S/wlbJO6lRnVuiN35YSQnMIYpViHOZe3zQMmea2u:mwzOORVuA35dUMNVfOVQ2u
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nl_BE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nl_BE_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nl_NL.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nl_NL_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.nn_NO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.pl.txt
|
MD5:
a2281dec08c3d1908e6b1f86f37559ae
SHA1:
728b23e7d1724fefa0ff8cf8fe99ee31190adad6
SHA256:
db846c8f4ce16c44835e5d16322ac99228a947e124046f19760a65b9385eacca
SSDeep:
768:pthwgKB/vonv+sj78AlY54wKH9jBiudtjlKifXfR3:6fVEmsj7Y7a9jBiujjlKifX53
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.pl_PL.txt
|
MD5:
2d98400ec083b99a956fdda4ed9670a8
SHA1:
b9e635f7441139cde1589594cf4fb8753ee64704
SHA256:
0171e78bb168e6395a8b7a957a5e930f882898c70214eea2a73f8a55bd08d3fb
SSDeep:
768:pthwgKB/vonv+sj78AlY54wKH9jBiudtjlKifXfRii:6fVEmsj7Y7a9jBiujjlKifX59
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.pt_BR.txt
|
MD5:
9412d42f043f19ef5ccf65872a609333
SHA1:
6684a70b3ab18ee89f25a27cecad018a15c7d2d9
SHA256:
0be54725cc72b69c55969ea65cfd0960372ed71c46a7c213262ec98bbd9cc911
SSDeep:
768:UG9t9kj+OdzADcgTkShZqYEBUBrh80pn27Smv:HCLdoxh2g47Smv
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.pt_PT.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.pt_PT_PREEURO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ro.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ro_RO.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ru.txt
|
MD5:
b9dedc2c43a09846bd759d7412f84ca1
SHA1:
92cd335f905c72cd772c902c2df7d4b3ddeff44b
SHA256:
bf6e7e6ae0e48af29e1a17cd92ccde3ae184dc935e8f00a4937d7c5916792600
SSDeep:
768:QotvueY/aS5+/yebGD2JwHVRoqx7QnaRpDfnijZRY:du1aS5mjg3xMnmD/iZq
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ru_RU.txt
|
MD5:
161648f06dcece0042cec98f3835d062
SHA1:
e4fa6ebe08c85f82f75d520c7e39f10ca46d2f76
SHA256:
d28977363d89d89e0e0143a109ffddf55e4d8627bf177cd189515b3cc1fe1e47
SSDeep:
768:QotvueY/aS5+/yebGD2JwHVRoqx7QnaRpDfnijZR7:du1aS5mjg3xMnmD/iZJ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.ru_UA.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.sk.txt
|
MD5:
ca6f5c209495b9abbd0c668d3ead6719
SHA1:
09c267db6fa1a954a5c001a2890f4446f92512db
SHA256:
69f0b4a8cf2d8d3c88ef3df03db28a9738544213a201442ff98b8bd2f1f29b59
SSDeep:
384:4MZJNsuyTcfQnQcHXZ8PLv+OaCz7KZTf2fJhgzNC6SQdBgMXqr6s:vdYcJ0X6L+/CzGZCfJR5r6s
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.sk_SK.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.sl.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.sl_SI.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.sv.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.sv_FI.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.sv_SE.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.tr.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.tr_TR.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.uk.txt
|
MD5:
cfab53cfd7362ddc8fe1523653824613
SHA1:
ff7118df4cba9cf398b67e8e450e7aafd0863918
SHA256:
fd77abd1db68046d5b09b23d8b5b7d336320b76e89b498a74cf18aaefb49539e
SSDeep:
768:fz6Z/FlykF/joWyAdsTjO3Iii2eSfhr+I+eO0pL8Qx7BHA2UbxbEyC1vjjbA6:fz8/nygH32TjCIdahr3+UFPmb3gv/
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.uk_UA.txt
|
MD5:
e3448b13e9abeabc6aaa38e0c518e632
SHA1:
e83219079d805ff9a0b7eb3bbef0d9bb999e8119
SHA256:
8c0d650f963e026e960185804321c3c9ced955713ff3192ae8aee39d61ca2d0f
SSDeep:
768:fz6Z/FlykF/joWyAdsTjO3Iii2eSfhr+I+eO0pL8Qx7BHA2UbxbEyC1vjjb2:fz8/nygH32TjCIdahr3+UFPmb3gv2
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.zh_CN.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.zh_TW.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.zh_TW_STROKE.txt
|
MD5:
ca80584bd77bf9e3f2b74ee165661a1a
SHA1:
f5e118ca8bfed8d946fa04647526b8ab5999338a
SHA256:
97af25307161c72690840953b6621b107270e02ee00303fca0827cbc3f1c35ce
SSDeep:
384:RvS3ySz3OWzuOUj1qORhCdjBoWPBedJ/JBvnGIrEtO6H1eDemOavsRVCzVTr:hls3tUj1VCdVoWaJxBvnJEt9oSavsRC
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\e1IGOTOVz3MSKyfW_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\e68LT3kUnjxVTGzR_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\eFHJGP7BtxvWBjqL_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\EK8Fiwczztv4pqA1_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\eQg1uhbDuV10H7wn_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\fa9wLiffmGKNmjvZ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\fNBbH7zKM1npYLdK_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\fummecVu6l5BF3Sm_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\FWhCU7JZKXr7RHiP_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\fwLbI7YOA6kogihw_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\gQ8zEewVgbuRc6HO_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\GqWikpPyfgKPMbVg_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\Gw8u5IpBsms1KPHY_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\hb7Go76g7dXZVC4t_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\HpabGeKtSrNHWGst_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\ingD2FAFhHT3mTMi_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\ipFtuzEYMq0OY0cs_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\IQbUGzp0XigwyxdM_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\jdk73XtSndIt3SD5_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\JHuuEVFWZxE7VTvv_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\JjQz8SvIsCyft3Qc_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\kLL9HF8bAUsAjJC3_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\lCOAJW1oHrh4YItN_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\lwEo1DplukyS16H7_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\MBoLqol8bTswCJqs_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\MET0mwjhG6zYR4Tw_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\MqPuCWf6awZjvYjQ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\mwZPOGe98XspNCgd_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\nvIRvpGyUM8sFynJ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\O3nD5wPO1h0wNTJf_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\pAYvJvxPvkmdiGS6_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\PO322Ec3hybWkKg6_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\QaMepGPsuoCbSN7w_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\QghRX5eii9eTEYsm_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\qISYKM2ZONeHG9E5_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\Qls4GmPludX4CCe5_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\rQMqL5u99f8a4zr4_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\rrmpzQfPdu6cLciX_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\RThFeK5iT7sHYSKq_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\rU4Vlmwn1gaK9onT_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\RWhUQZvYcDYXuKDb_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\S8HKNoXh1hXS8vUe_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\saCX36yK12SPHNqD_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\Sf3TEMGJ7XSXvUzS_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\suSNvZd1IGbE1wM2_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\tiwp4l4UjtKj5fdC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\twB5NW87P3kXpkNi_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\U1fAKOOFB1SL1Ne4_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\ULpQm4FoICkZPccA_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\VaFqIcf1pERGCzu7_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\VleHvFm2q3lTIkBJ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\vx6mLCrCJd0kG6U8_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\VYAMYCbNU7f3gtVp_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\W6ueZUFWcy9vDVIo_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\x91Lnt38q61Tbgl0_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\Xl6gFCHjciQBdkL0_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\yO1PgpiNkAJX43xZ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\yoAN5b5uqPHYMFoT_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\YsdC3J8n0WLXKg6l_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\yTT4Grkgkw7aTBqb_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\zfDf7tXHxmwpqEfE_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\ZgSez7WhKJjCOZwX_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\zipBkTtqeJZOO3Cb_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2\zYoFdOK80eISENN3_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\Providers\Proximity\11.00\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\ICU\eI7zaJ0UZhLIczRV_ENCRYPTED_BY.WHITEROSE
|
MD5:
fff4c73fad431bc0773d2e6172e9bd39
SHA1:
314700997ced3f8c05f95ae8e9640c7326633f93
SHA256:
042883d031b781e35f69ca4def1f1c25c0ef430501277b7f31a396ece6a393b5
SSDeep:
6144:LpegcuaPM62deuXR62bJqlO1ZJYnJ3FD5+diy:Uuao0UR6c2sZenJ3zuiy
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat
|
-
|
Access, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\7gutylOfsOcapH33_ENCRYPTED_BY.WHITEROSE
|
MD5:
679b37160cb12a402b92377ddbfd6e2b
SHA1:
9323b05f70ebb9aa0c57f2178b57b3f5dfba0dce
SHA256:
95d5030f48eae80588efc911a34a420808a9dfcf6956b8c4a72fff661ca23d10
SSDeep:
3072:HYXA28WhAPhuUY5it7/Rp2P1fKnjobi90axwiuKl6BFbENlFeEuC38Lw8K7hhKLJ:HYw2jhAPh654s1i0bU0JTBFbENDeEuCm
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\eNgLT3JYanuTadDC_ENCRYPTED_BY.WHITEROSE
|
MD5:
0f390407fc09ea4009b51534726601f5
SHA1:
072e77e8fcb20a017ff402158f76ad832ee7ecef
SHA256:
d8030f31f5b11b0d838ca74b62e486a5de95cc143ef864705194c81ff2a196a4
SSDeep:
3072:S7mrfiYwsRoJreWLSflVdRVANDyzzOrHPy:bfiA2IWLIlVdjOra
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\HKSCS.txt
|
MD5:
ab211628814b5f903725025bd1612b8f
SHA1:
441241013437bb01d1bc31913fdd74d9969e0455
SHA256:
dfa95afc64aad06c3c6fde56413aa64113ca5c04badad162d90cd558f73da350
SSDeep:
6144:6GEVsqjsTqc2ot+xv6Jzc8NSHKfvVDCPcltChLf8h8FKOOB47jL5a2CE:6rP8j22+x6gPHKfvVmPjpkO0OzdJZ
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\J9oEb2qK6YgfUHdT_ENCRYPTED_BY.WHITEROSE
|
MD5:
1cb11ebb0346edd679c9a0c7f75a4767
SHA1:
c7816e2544f86777b9a0e1434bdff4842ea0cc12
SHA256:
12b4e8bddaebd3398ca3d080ed91530686362bbca029d34bf3b4735c65c2467c
SSDeep:
192:OGHmKuseCqhB3uKg4B73/0TRsEGvNJcF4YWuNFRU0uHANM0mn2HGadC61BRcETsD:OGGKuseCOBx/B73/0TRsF1JUhDFRU0u1
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\Japanese83pv.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\JISX0208.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\JISX0213.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\N43cfs12oFf11l09_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt
|
MD5:
1fb7b4095cf5827776062d25901aba39
SHA1:
6258515cb0d106a6504ab9f76193be06d0d80e6d
SHA256:
4f1a10c2a7269d4f631fd805939771518defe7116779828b85c408a0da1f929c
SSDeep:
192:QCjkcd64spwshSf+zybduZnYxSXmq8Knyij/ju3tCOkECq5jd2/sqni:QLp5mKyZucq8Kn36tnkLqtai
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\2Z8I6TByWfOaM1hm_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\6sPR1YZlR2DvlZBr_ENCRYPTED_BY.WHITEROSE
|
MD5:
79187437505644e7ef3e35b17a82d92e
SHA1:
1583f6f50ef0b79847d72e0b4615f30212689f51
SHA256:
3b62d3f5daead1bfdf643717b966973ee90d17267d4b1107295ac9054c74b639
SSDeep:
384:Glmv1yqyKDoJQkGWKCDUDZ3NDzCJQ9nT+0uFcekCC+VEsMaaAZY+y3hIg:DBoKkrDUN9D6Qx+tFcekC9VEs9a6wig
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\8ieKQjHlzamtOv4j_ENCRYPTED_BY.WHITEROSE
|
MD5:
859927193890d9f395c3e32d22be7ca3
SHA1:
97990a3b442d4a6ae098b27d6432d8da0e567a90
SHA256:
334b108c744fdbfc3dc2129f2d4cf880e3e5a7a66fef93e21a957be2f56e0891
SSDeep:
384:Zf/x/+/ODDUFOmXeMnwzAKD/LcFnisRbgbPHFqkxmkUlNGJ:Zf/x/wO/muMwVDSnisx+F2lNGJ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\aGNH37t7hPtDqQzH_ENCRYPTED_BY.WHITEROSE
|
MD5:
f68d5bfa38a18e3e81b13487ab74096d
SHA1:
8cdaf7a3ddfcda82b8173d433b4743d98910ec7d
SHA256:
2add9f1338947909fb71c17c99aac0ad8ed8597facea25636b0010daa062a51a
SSDeep:
384:6DcDjuG+MYC4EqdNE4PTSv1O30QxmmbJMtTQ2nPnEhyGV:hDjAMYCBzy0gbbJMNQWnbY
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\ARABIC.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\bWmJIOvshzaJ1eCr_ENCRYPTED_BY.WHITEROSE
|
MD5:
f84642ac880e9e3b3c53fc8ef37301c8
SHA1:
be824395184ec3118c4a10fc8f418433538b3834
SHA256:
1e9da2743fd2706c55d4652f5652fd69bd1404e4de398814eeb1b7f455d01b83
SSDeep:
384:Flgq8jgU+cjaQElCDBrm8/3co0zRqUpIAGc9B3s:7gqcgU+pCdJrInDt8
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\CHINSIMP.TXT
|
MD5:
8a2ab88f8ef54c0b64469b70c4523915
SHA1:
4924e8b5fee1849fe197020e24dc3fa819e1b296
SHA256:
a188f6a1f6974bacf3f9a6f40e456222c6b20f3685457530618dfbed291b34ce
SSDeep:
3072:wwJJoFWohyPf6/MX7xHikeo9oLaKSGIy1xNeQLkNixKG9dO6K+It+WxQpumick3P:bP8Urxuo9oGKZQVNq3gtWpJCP
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\CHINTRAD.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT
|
MD5:
c00dbddd62fece32515ec36f5e1217eb
SHA1:
042478d3033ec45d860237c272476bd249eaaaf6
SHA256:
ccd6b053b56c016f88ac52a83c0609ba34d3d43546fc0c3852a769aac17602d8
SSDeep:
192:ydgGhrxBOHu/Aak7s9sz4j0fWEUPKicCKrG5PswDfA56+EpWpCXOWZgE69fKYlHI:y+GhrxVAaWs9wzpqBp+EdXjqIb
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\DHBhmoep5ipCa88W_ENCRYPTED_BY.WHITEROSE
|
MD5:
b91eb99283d49d86ae716cff573079a6
SHA1:
e06a977124a969477800610d69d6c119c763281f
SHA256:
f2c7da1117ec132fecf9b5b79826d1415a23fee7378028aa5de00360acce912a
SSDeep:
6144:rc8My7YurYlY1XceWg7qe62WIfbboGSCu/OJerXCKWl6kkG0ApAfgpiu2:Tvs8FlL7mj4TOcKWkkUfgpi
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\DkR6XmCZSrZmD5hu_ENCRYPTED_BY.WHITEROSE
|
MD5:
87e6696dd64de6ec4ef200bf3d11cf69
SHA1:
4fa75f394c87f86542c98509c5426337ed704826
SHA256:
a1b677aa4531d80d33621ccbbc3b122b56cdeae90c9461f8b9a64d4326c7f5a5
SSDeep:
384:iJI50EvvlO+sNz95x9P4eGk2tMwnOX0uuCrpSEKS:iGEp93hfGrM8OXCAqS
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\dkRdpO2ZBMKhX7ra_ENCRYPTED_BY.WHITEROSE
|
MD5:
16f81ca8b900bf93191e6a9994c27bfd
SHA1:
c7a111575822ae4a1505e9c66150fd73f8bc7b8a
SHA256:
3417f0f355347a660965c0c8234efd2b549b2fee7fa15462d77a0f57f84dc9a2
SSDeep:
384:bLfObERKuWKuncQD+8DjAsXL8LDI5NrpufuScGHdoS6:bLAEIbKucXz3IjrpKBqS6
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\FARSI.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\HEBREW.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\JAPANESE.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\jczZnMpN1oLlbmah_ENCRYPTED_BY.WHITEROSE
|
MD5:
dd92f29dfe333d26b07bf4ee5162e067
SHA1:
160f8495789d45908cbcffea0d404fa6169587c8
SHA256:
7a3076b26bc73506bbf787a717f2282b5cc3598547e6a4919a0c5898657ed9dc
SSDeep:
384:zeq+I18IxorAw9qwSVqqKFbId9/l8mr8w+9YUWZY1jeMeeOv/Yv6eiKPiRv+MmjQ:ze/IG19qbqb8d9JuPF9eM7g6m5+acmF
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\KOREAN.TXT
|
MD5:
cd466589a4f70ff66e309e76d73ef046
SHA1:
0612849d12b9aa29aa5ba3f9307f96ad806e4ad2
SHA256:
bea84ed98441b9dab2fd4e29b319bb5e82e5e6a33749df9bf0dbb130ca7b6a57
SSDeep:
6144:wWkYLO1zKQfZpVpfUl7TfVpKJu6U/DoAR8B+Yh6WHfU39jr3WjGBl5Xw1CJhtJZN:sYL4mkxfUlnV3tQ6JtnySvJhtJZIGCi
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\MjxLqoLaZYpuUgud_ENCRYPTED_BY.WHITEROSE
|
MD5:
8e137a5a4cbf2a650e8dbc0d1f36ac6a
SHA1:
68a095bb7b47651241f836d8bb28ad59a7dd0880
SHA256:
a71320aa84f19cdd6139d87315c607dcba8def4b7f92f4db4c32a1f7e5471994
SSDeep:
384:A7S/iRqrkESCsyqEuIB4d/VTldid/+M2KpYXO0:8S/IRELsyP4d/VZdi9b2Ku
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT
|
MD5:
7b97c9f31ae0a5c176ad0af20419294e
SHA1:
c443239aff8925c9654196e54ac6c1e27e483da5
SHA256:
092ee0511f4dedbe78ab5ee0b7f0e8180befcf992fd29393f8683f9ec8bdc5b3
SSDeep:
384:vU3ApeOyfY1plE6UjX7pwY8tjICwsaGgNlwYxz7ao:v7eOywzUjXSIBseNldxz7ao
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT
|
MD5:
8df7a0d3c8cc18ea96d43993643ea7f0
SHA1:
07bb05ab65decc312d2de76552b566e5880fafd2
SHA256:
3d2c47f5390ea581b97da0cf76ee0a64c13f981e98565db43250f770d5944935
SSDeep:
384:W9xhAgi+hoQh6L8+IZMGEP5qyz0//W1GtjKdj+69gLX2Pq:W9xhAKBh242ZP5cG1GNKdS0zy
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\SxvCsvgUpMeDZ9st_ENCRYPTED_BY.WHITEROSE
|
MD5:
5671cb215bb787d6d975e6faf99702b1
SHA1:
e8ae1e31d29eaec86c7f96f8226667c6d1755e51
SHA256:
cf1aa8594eece0f837731102550c6b166a2e76d3c156316f3a18ea6ca4c15bc8
SSDeep:
6144:JN+muP6hgzC5nfb0wqbWjG3bXfcVdN6Zl:JNSFG5nz0wqYG7S+Zl
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\THAI.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT
|
MD5:
de7bbc9310e3f5bef4c084543c48c734
SHA1:
d41779d6d502699621cf69c6ad578b90995b0a6f
SHA256:
c47cb12f98dfefa2ffb9135920a386c193cf5d838a18ae417e62a213c70c810f
SSDeep:
192:+YgP7s1NO72NRe0h0Gmvq1jfiZZsrF8R1lgnKKgCi+ynjxHf8HYYH:Zp1NOCNU0uS1rmZsrFdnhni+Uf8HZH
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\VKEJHSBjkNnRZHJO_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\ZMXBQvg03fFXLq23_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac\zpcwTV4IyK2Cxpmg_ENCRYPTED_BY.WHITEROSE
|
MD5:
cd466589a4f70ff66e309e76d73ef046
SHA1:
0612849d12b9aa29aa5ba3f9307f96ad806e4ad2
SHA256:
bea84ed98441b9dab2fd4e29b319bb5e82e5e6a33749df9bf0dbb130ca7b6a57
SSDeep:
6144:wWkYLO1zKQfZpVpfUl7TfVpKJu6U/DoAR8B+Yh6WHfU39jr3WjGBl5Xw1CJhtJZN:sYL4mkxfUlnV3tQ6JtnySvJhtJZIGCi
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\cHwYj4mbobDXPEzZ_ENCRYPTED_BY.WHITEROSE
|
MD5:
aae77ddaa72bbd810b90808db1fc8f89
SHA1:
4bb69d5690c7984284c0ddf410accf6ac2e12ee2
SHA256:
47f52d2ebd01fa496e3d408650a461a3b98949062015337733612c90f05220d9
SSDeep:
6144:UI1Katxe7P5ioVoWOhLn1tF/ALkrasNXd31ObBT+:1F4DgKoFLn1Hjra6XdFEBT+
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1255.TXT
|
MD5:
e48a3bcf376baab87af10a53f5885af1
SHA1:
60e9567634cf842d238dc32d0cfbad3d9fd2fe40
SHA256:
103cb6c9a958692ca7b6fea6c415a5637bfc250774028620a824bae1f6f94d2b
SSDeep:
192:A6FVOpzU94TRTTE18XBwkFXCZ0trFneJor2TJSwB4JIIOev:we1U6OJCooUE6
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1256.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP874.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP932.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP936.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP949.TXT
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\CP950.TXT
|
MD5:
eb79be0b88898715b4d9d1513f76a91d
SHA1:
d5f4bb659984367e475e7b86a5a48bd6bf75b660
SHA256:
6c35f37082d8ed961fed6affa0fb7eeee1d7b2c3680730b33edc1a0455124b8a
SSDeep:
6144:j9yuMsJb262zPrqr916QSyccZaIG0rHkvuO0mRUu94xMldCcSQLMmXv0v5KMZ+4e:51+Pqh1/SyzaIGuHju9Dn0lRHc9Go
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\hjFIBiJDN5WWuvfk_ENCRYPTED_BY.WHITEROSE
|
MD5:
05247001c2b06cff2118d9a1acc6d85f
SHA1:
5195abff75410cfd8f026080d18c959fb222420c
SHA256:
1ee7b7d65bd8ea077d1f08481b0537042688702e39833e5336e3ccec88fbe762
SSDeep:
24576:uCwgBOMQEbWWf/qbkFqmIBPp52eV2Xl745e:uCwrMxKbKipV8ge
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\iAeKh3L1NOD25Vi6_ENCRYPTED_BY.WHITEROSE
|
MD5:
e58cacc29467801e744cfc06a09f5900
SHA1:
1081f467f5e863df6d79362bfcf5baf823820c7f
SHA256:
796c035afaa43bae0ef9b20fc58fc4d6a8ec4b1c26d99b2a17fea142b15d41aa
SSDeep:
192:q7KmsVWyJ/CeOCRaBIRNLYlJ0osiIW1sr/xsNYAx+ijI/Hb:C9SHBfJ7LYlKPWsLKHxhe7
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\Kei8ciUUnq0Kg02S_ENCRYPTED_BY.WHITEROSE
|
MD5:
4ea9c554250f0dd4aea571d9a2e0cf47
SHA1:
f3059d77e3c231815c0b7c342e8d2fa8a18f7ade
SHA256:
c8b440134beb846230eaabdb16a62b0cffb759473adea9b4ce61973ca4886b93
SSDeep:
192:AGvGA2fkXYGjoWbGx3SmGe7XOWfHvzFol2g3w2MsiAJF:vGfnGkW6x3SmGkO6vzi+NWF
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\leifFKiT8LVFAaay_ENCRYPTED_BY.WHITEROSE
|
MD5:
bd7ae0e0b0c11b751fa24ae3e16ce197
SHA1:
c00836b099d1ace24a0a287358c6c9b9ec501a8e
SHA256:
6a7e9d8c386e782cf2b0cca7912da4ec63855cd1578725c04cef45a757dca79e
SSDeep:
192:qknOD7eI9vhMEnyuNHRpOjIsQHVhIp46WE0/k+IHjqj6:W7eIVhMfuTbn6Wr/kdDn
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\NUmDA2rNHnqoNoTm_ENCRYPTED_BY.WHITEROSE
|
MD5:
98b2eb994689fa1ba3b943b181a7daa0
SHA1:
2a1a4b004fe755eb4a3bb1a58d8c12ed125a299f
SHA256:
ed0fc93974d972c0e8eb98b188df7a6ad80c5f56e0a777e838c4b0ad148c0a71
SSDeep:
192:Npt70ukdg7tqz/0dLqf7D5cY6DKP4QeJYTp49PNJX+i9j7aK:Z0i55qDFczd+O3F+iXaK
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\p5MC1Rh8emaeIaj6_ENCRYPTED_BY.WHITEROSE
|
MD5:
85cc5f8ab63335eb898cc73c1478ea77
SHA1:
6152304ed4274e48baf4d68b92ee79f439e3dca3
SHA256:
f601e052a0a21aaad3da451a39e2efa650d1c02c96eaef498e3ee70608cd5158
SSDeep:
192:VElZXdfDqhnvWOEOiY1P5/BSuMrAOmQ0kkaxCuZT7tVQDR0FPh:ehrouRY1h/BSuMl0kkyT7tVQDWP
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\rm7VYxdzlt3DHom8_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\uM6x2qeBQkbnlGN0_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\xeOGWwBoK73HWE7d_ENCRYPTED_BY.WHITEROSE
|
MD5:
068f1ea153f70cdcd7f200ed66620561
SHA1:
c0ce6ffb273814369a0d2a4e7956d3a4f7a79146
SHA256:
17b75216b3f64165ceeb89c13a5f280706673ec093a562ad61f5f707252cf5e5
SSDeep:
192:K5hAYVm9ObA+79X4PJzrDs3XO3MewcNr6aj:KYWm9uA+JyDqXgrF
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\yByUlydPXWrXtHVF_ENCRYPTED_BY.WHITEROSE
|
MD5:
f8dd530576b097417d384f41e56443c2
SHA1:
873d680657add096d5a165d0423f623343e8c084
SHA256:
a1648b104965b8de9577532f260f9999059b0ca3b068f66fe21ef567ae2425ee
SSDeep:
192:Sy4BW0umXBED1sCkMTFYa4BhRRcuJ7ZDI6w8u9aWrox295UjHtJfZ:SfW0QsCkeFl4BfVNO8u9kegvh
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win\YpIe6A0cEKEvvXBh_ENCRYPTED_BY.WHITEROSE
|
MD5:
4e86f53af9000ad76ba5f25922a249cc
SHA1:
3092bcb8ad346f1591a88b5da77de7a47a343553
SHA256:
d42a9267ada0b60ee6edd33d5d910ea1ab2a0480fd734750aa3036705f395835
SSDeep:
192:CD4j3RbKiprIQa7ImqLdtL5nsk1OmbALMjdjIMo1w:CmheAL3LBH1FbaMtIJ2
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.SUO
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SUO
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\Adobe\Acrobat\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Common Files\Java\Java Update\brXWDkkOorWSffxe_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Common Files\Java\Java Update\task.xml
|
-
|
Access
|
|
C:\Program Files (x86)\Common Files\Java\Java Update\task64.xml
|
-
|
Access
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Help\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Common Files\microsoft shared\ink\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
|
MD5:
4a399cb8f329fcd9ab3f990b668fd76e
SHA1:
359804684d68b8a6535a0320b5447d17618d70bc
SHA256:
21c8e6d4a764e78d5915927d976399331bc40d2a2d3eea2c8efffa83e1ae5aec
SSDeep:
98304:+RumNB9EVjA9RX+DNk/SCbIga6zYE6INFMemaeMiSsKIMdqAoE/Gej:sB9EqfXeeZNDY8NF7m9MiSJ1wKGej
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\otbDb6xp09cd1xsa_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\Services\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Common Files\Services\verisign.bmp
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Common Files\SpeechEngines\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\ALbDENB5mLtKeXIW_ENCRYPTED_BY.WHITEROSE
|
MD5:
3234bcc11b0af49a9a055d899f15fd81
SHA1:
39f6661d4c15c8ef206594013ace3a12622c3ff5
SHA256:
2dcd61882496d197106f9f4cc84faff3959fcc840abe88dfefbad821fde2576c
SSDeep:
196608:XQ8AkpvzcFqR5S4qQjhHS9Dt/N49hgxrim18UofpIG0twUANcHIXhLN:XK45JpjhHUMjm1JofpItwT6IRLN
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\default_apps\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Extensions\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\icudtl.dat
|
MD5:
3234bcc11b0af49a9a055d899f15fd81
SHA1:
39f6661d4c15c8ef206594013ace3a12622c3ff5
SHA256:
2dcd61882496d197106f9f4cc84faff3959fcc840abe88dfefbad821fde2576c
SSDeep:
196608:XQ8AkpvzcFqR5S4qQjhHS9Dt/N49hgxrim18UofpIG0twUANcHIXhLN:XK45JpjhHUMjm1JofpItwT6IRLN
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrome.7z
|
MD5:
e6413b04508793c12c35a62212d9cdf1
SHA1:
a834626eefcbe788053667d100dbf3ad45491875
SHA256:
ea79defd73a3cac3532ac891f3fe765f4190df78f4301f5d69b5f7071c4eec67
SSDeep:
196608:7/b+NZXibVKao9UVagSt+EHNjtBbDqJQKLfrH5JBbpyzDA:ngybVPcbEGPbDqucfrHB1yzs
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Locales\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\8kLaN4en2akKt6Qy_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\logo.png
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\logocanary.png
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\outWcKHREqCkYKQq_ENCRYPTED_BY.WHITEROSE
|
MD5:
e75556a76f3025a3bfa28681dd26e737
SHA1:
66936dfa2fa035024ee1a8684cf212916ebd624f
SHA256:
39705d4f99a7fbb116b4e91e0527554691c495bd6f00bf8741d12ed0cfe42674
SSDeep:
192:9X0uUbgYtYxRdinshVlHvycJyceBc6si3dN3NqHDE:9EukfIWnshzPyUuXpB
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\SGbd0yoZ5TW4Ck4p_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\smalllogo.png
|
MD5:
2e3aab57feaab4de4dc141d8d827b8fb
SHA1:
1ab038ac3456dc13c26dc001f4c93dd9c4cd073f
SHA256:
f729719bb032a1a68589e9c5ea8c2e8675504f656725f874f04ab9018c1daa7a
SSDeep:
192:lGrO/ytVMp7YbbfnxaKb1ast3s14oKRX1FF3E5TknT1NzUVhbeqbIR:lGrO/aQQb/xaKb5t3srKnfWwTg7aAQ
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\VisualElements\smalllogocanary.png
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\WidevineCdm\_platform_specific\win_x64\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Google\Chrome\Application\chrome.VisualElementsManifest.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Google\Chrome\Application\k7DG1iKFqt75ncVN_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\bin\client\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\bin\client\Xusage.txt
|
MD5:
0703a02a5465287306d4006179e0501a
SHA1:
7608b070f22a7a09977f7070021ce8de8f66b0d3
SHA256:
835d86c97f1456050bd97e17bd3615f82f7e30097b675454b86c6681bcb723f7
SSDeep:
24:NjqNaUbqGfP2x9n4tOXFkfhYz32K9ihCxKWsGmF2457r3kfXsPtTc3wOh2OCSBn:waqfuTXC8wCxlsrU4x3GItwzZl
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Java\jre7\bin\dtplugin\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\fvNeJIyFxUbcGyCG_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Java\jre7\lib\deploy\44mpjA4HuCWKPn7S_ENCRYPTED_BY.WHITEROSE
|
MD5:
92737683eadcfd8f707a4519a9910e9e
SHA1:
29ffdb7d31bdd7dd63f41c39bfe93dfd38ed60c0
SHA256:
033e44db79630b5cb867dfbdbff80003b7a9477c5458be3bdddb466c8c7ee28a
SSDeep:
384:C2m9t8ikMKMSY6itS+JnXOAIhHwH0VnM1XjzdKvJ:CfrAJMH6iE+g/hQHSnWd+
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\deploy\ndUUw3FtEFVfnlNF_ENCRYPTED_BY.WHITEROSE
|
MD5:
13e1b6da77fd2f610f5d8fbbf18a7cb9
SHA1:
2463c40e728327951be26b016b42aeff9aba08dc
SHA256:
388f88e2f9c7cee0829731f6ebb8a8df7f6d7a8559b7bb57d78dc2d2d572b811
SSDeep:
384:AmTN3X6NX9zCiBUaXA01XBWVdiA2ZLNMDG7nbMa4:DNn6PCidXAwUVdiA2BNMy7nbMP
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\lib\deploy\splash.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\i386\CTsRawvSBYjWf7AO_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Java\jre7\lib\i386\jvm.cfg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\3MNnDS2juSeFfZ59_ENCRYPTED_BY.WHITEROSE
|
MD5:
8e8de84b8db53d9d36a523aae3f880be
SHA1:
ce83fe0300159cd3e4ad07604418afe092e05382
SHA256:
120ad4545f6f8f1d92bac9384e5235d6a230027089278ba7d5d6f1541af4d9f5
SSDeep:
12:4tyZ6jiuNc7L4eVGlLKvrO2JWuxQNXPMhe6K:4ty6NCVGCp3xQqS
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\6fwwzXn8pC6ZQXmc_ENCRYPTED_BY.WHITEROSE
|
MD5:
8997ef80d9b76b232c92fd8de3c96613
SHA1:
3bc8f9a0ec712519c9a3774022ba0c46d1c47591
SHA256:
e4b75381875abae191dc2ee2a840c21d40ad938fcaa1f17766ad91304e84e1bc
SSDeep:
12:4tyZ6jiuNc7L4qrmf2G9ThM7sG2IY9Es1OpBih:4ty6NZf2UVM7Mr1qih
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\AWoCgYHjv4hC8tMW_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\invalid32x32.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\QBXzVsxIskGiYdz6_ENCRYPTED_BY.WHITEROSE
|
MD5:
a6b5d219828e94b53940f156712445c1
SHA1:
1cd8b1290b9a4d1ef21a4d706bab24bc6c164b8c
SHA256:
976aaa933b31cc9f55d8de4ef99d9793d76a33f25c7f2a48a02801044bc03232
SSDeep:
12:4tyZ6jiuNc7L4QQjl93aDO5ne9p5xHA1N:4ty6NLD3ao8p5lA1N
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif
|
MD5:
2aea2987786b5a427884757c868b9813
SHA1:
12c058985bbfb26e89a0fb8da306c1bd8ff519fa
SHA256:
bfac4ff42db5527c287b55533377ad6074dbcf6e436420fff7c69b1d4bac1b7c
SSDeep:
12:EOkz8IdUAlwc2OzEMH14mgK3wLlq9wbEyB+yetAq:Xkfblwcn1CKwpq9wwyLeeq
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\images\cursors\YdT4Zt5tn2GbHnYl_ENCRYPTED_BY.WHITEROSE
|
MD5:
7d702fdc5de977537d406f00a6e16f9b
SHA1:
63f11c7135e04fbd7875312ce2e78429f55395dd
SHA256:
6c3204aa3890694429fbdf7709751a12436ce67fe3f666b641f8ba9678c1493a
SSDeep:
12:EOkmVtPes0w8Tt4WjgqxNpM0AYShDPq0qj72CEB:XkmVtPwDTtbjgOxAnDySvB
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\lib\images\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Java\jre7\lib\jvm.hprof.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\lib\NoOsF7cixkx5YEiK_ENCRYPTED_BY.WHITEROSE
|
MD5:
728dc41423d87af8032359280b752772
SHA1:
50ce50f0264328f6f086fe2dcb21cd6de26fef27
SHA256:
9e54e9855a0856f5c701f956285392e75a1a40b91ac908b69dbb5e349eab159f
SSDeep:
96:g9XSgfRRx/6WTApo5VPP/FHJGeCIS6HHsxokeh9d6fmkn8mhJPh8:g9XSgZqGAy5FFkeCZ0sykeh9smk9A
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Java\jre7\o4yw6ounfttVr6eg_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Java\jre7\README.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Java\jre7\THIRDPARTYLICENSEREADME.txt
|
MD5:
d7ed145647beb2bab1004778741cb744
SHA1:
f4b15798a41a468bd082af5d840ec4fbe63cda10
SHA256:
a1525032d07a5edaa5dcb648316fa7b7b7b34a7b936bd4a676fa80e050bd6579
SSDeep:
3072:hNzm2uo7vNj5nK4PBc5be1vxWutF2yMk4zEXpF1V+KxWrSG2gxH6:K297nDZcg1v4ubtXDFn+Kx0fU
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Java\jre7\Welcome.html
|
MD5:
cbec0bd546f1c265cdbfc9daa70fc661
SHA1:
b0b6fc078bb582f817d7846020b30cf51b253f5c
SHA256:
3167f003410a0bf44d57109327f7126226844537cdbca0b40a48d3659b846998
SSDeep:
24:kJwnVnW++cFcUvDqIdHZOqvTDeBgdj3rh4JNmFJOt9lSj0SiMCX/gF9i:kJqlW+PrvDdOq/dj2J0fiMUgq
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\0ej2Ls7LCTfDnnam_ENCRYPTED_BY.WHITEROSE
|
MD5:
6cbaee64ea2f8936eb2bfa13918070c8
SHA1:
088a7f9707325e1579b8b3c6f3878f3a72f5fd8f
SHA256:
899790bd53dae70d4bfc2c78ec96673aebd01e64c87aacbfe13128260c790473
SSDeep:
48:DBXVUhpKzzRyLMn/evKITeHniKeYWj2xqS5YC6qetVp5ylGSO7euDG/+F:DBXVULpLAEKLHnpVbxY17vEzO7ZGw
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip
|
MD5:
89157eed16580e53fab7996756ace2c0
SHA1:
6c1d2629439ae88797f0ef0f15a62e26ebca1bf9
SHA256:
b4b1a994ddd992bf14d18cbf22e6c7d1f01cf4331777d93c4722ff4a4aa0ebd3
SSDeep:
768:yNvDL+n0VhvexmAZZMWSYkon3PcaCiG5+ObTU7KWhyRrl5xazQXaMV0v8Pr8SmNz:iq0VhrwZ9YonfcaibggRxazQXaM2v8Po
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip
|
MD5:
50825e3bb31f19f9320ec94445bf637c
SHA1:
a44513f361e7e1070b1a155cee9ab05a6fb40889
SHA256:
d43dc16dd7bed233e7536f63993f13ba7ae10fbf35f7d4db8c3f69185e3904e9
SSDeep:
24:I0HRUoLsYjrk+zinrAK1I08vSCp8GMTci4saDLnj245usRssVMc935udo2f:IuUoL4zrAKyp/p8GUuHeBsrDudog
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\bNdlpS4BJKO8WZg0_ENCRYPTED_BY.WHITEROSE
|
MD5:
27f64556028d9ff3a6fd0840ce01d0dc
SHA1:
c548ab526ee6f77ebe27580953bf5296a9b3b879
SHA256:
d856ed6825af02ae5e84e1a8273c598813b0dfd6fd2f8048e98097d0a2c1de93
SSDeep:
24:vmgm7Ph3jZrexj24XO0b5mYFfiqwsB8i5CquiOYoiXwEfcU:vmgOPhzZrujf95mIijwVUHgxx
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip
|
MD5:
7427562727bd8afeb9e500d2c2f554e0
SHA1:
9155b6a6cd0a54888ffb5bfe84d0a61d32d815f9
SHA256:
c61f5bf9b0872fcd5b2b710d65bd0d0ced3ea7383c186dc4110f274b8bcdadd7
SSDeep:
24:IqfDkPQMYvwofiA5lykN80Ru068URiiSN3izLrzM1doGiG:IqfIgtiAzBDiVG3izfzMTpl
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\fgWtkXpoDvEqvYAd_ENCRYPTED_BY.WHITEROSE
|
MD5:
5ffbe9e884d993e81f44f4951a0d0e10
SHA1:
4887b2c752d1e46fce174a049bb2fff55087c349
SHA256:
7db492f6422962457bb7566974128270759e3375d158ca86ac28f4b058d8f032
SSDeep:
48:DBXVUhpKzzRyLMn/evKITeHniKeYWj2xecGc5pS3ydD89XaL:DBXVULpLAEKLHnpVbAciQD8p8
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip
|
MD5:
00465d1f85f164e25275f1519112a339
SHA1:
a91193292e801073f1713e9f228befee6072b2d5
SHA256:
f62a613d21047d3ff68bcb42d8713b81e63ac0c262b4e8c7c87220cb411e6080
SSDeep:
24:0KpL6mu1YNY8Cj3SEknxfAjkM+nZ+nHxirG5dC6xT:0r1e3CrRkxAgBQnHXd/xT
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\kYeplwmTetGA0s4h_ENCRYPTED_BY.WHITEROSE
|
MD5:
0dda9991d80c30c46aaf91453ffd7498
SHA1:
65f15647eddd205daad3781593aa0762786433a6
SHA256:
6e4106ade37c95cc678dfbad01d02fb84721ada1adbadaeffbcbd6302091f1d6
SSDeep:
24:L7voosg1yyl1Ju9bLT9bde3kDSe4K07tl/j4OstlodcU6T:L7ug1yylHuvU3kIzutloSUu
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip
|
MD5:
c51869b18d7f3a804dad6f885553feda
SHA1:
47843466e4b2d6933e4fe305ad4e187c92ea2801
SHA256:
2c7e67281f100dfa7e58f58d850c0d2073bf9d6a3fe342bf54317f6a3dee2d15
SSDeep:
384:w4x4wyZqD3v306Mc4MVvVn4Halj6vDajzTJTz//wYMjE:w9wAY306H4GV46J1Nw9jE
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\NH4i01RyfZRSgnF9_ENCRYPTED_BY.WHITEROSE
|
MD5:
252ecb4c5c7337ac605b234b6a8f8cc8
SHA1:
f8dbf1e7cb9ca22af0e6a21081a2d287928d5b76
SHA256:
f1a336641349cedb087e6eec58d851e5033bb647d8a42739ef7e44604ebd1a10
SSDeep:
24:eYnplOPlVHHGwSczZlpC/JJDAaXGWX6SyahqWMyizZ8bLLY5xh5lT6:eGvO9HzR0jJXKYVL6hfT6
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\OYDjPITVfKyYRMHS_ENCRYPTED_BY.WHITEROSE
|
MD5:
2597fdbb7323fd49512f30a276791856
SHA1:
49d9df3942feca859cd380574b3a2c3d2185ff9d
SHA256:
380b5ccc35b49d5b68590dbd0cb8bc0d1282106ff419fa4ed87eae068e5dce75
SSDeep:
24:5g0cxakhoZSmJVyTiVzGNZZqVZKtW88VZ2vSxBxg7xlQY/yMLUwr:5sxavZzVZVzGIbljxPXY/yMLr
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\PknxeKvlsAZdoOwj_ENCRYPTED_BY.WHITEROSE
|
MD5:
b397ff9334fb2065f4666925b86b1b5a
SHA1:
6a0d056fb633ad6c80e8037af6e94a0c1589c520
SHA256:
cabd7ac3ef80282412b036eb7e6038bfd5a7040329be4a382c2311b21fe3a0f9
SSDeep:
24:IaPSUfZcdPkAjKXojxuzZZyAOn5KPjIWEBcc7bxrWAis:IaPNfEPkAuYxOSAk52vEBc4bpvis
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip
|
MD5:
8e0b5654bc3e3367280e358ae4fc0551
SHA1:
afe24878b9ab417fed9caf569fbe2cb794ca284f
SHA256:
09107ddfc9bd4997316898e12dc2146cd1d3d810e2079b26badaa8b25a56c0fb
SSDeep:
24:rh7Q6my+v+ZQQkmNi/j4T1+MODVsyhdOr+QA047p:r8PvuQQHNi/j4TIJJsyhHN
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TFWfQhPpRIA8tgaW_ENCRYPTED_BY.WHITEROSE
|
MD5:
38a90cb80c6680e52fc66709866ae699
SHA1:
886b890c627edd8a53a13da7d342947471d8114d
SHA256:
f290f72a7ea8f41a7448157b81bbbf10beab146669c35c1bef54118e2886db65
SSDeep:
24:vmgm7Ph3jZrexx50aaT/8nDIVwA85WiZZH8S4euJRRYTrmmUltciJbELodn:vmgOPhzZruf0r8nU/eGyij5Esd
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UoqGEl5ggpqCzmPP_ENCRYPTED_BY.WHITEROSE
|
MD5:
480d98b5b53408fb09023097a7714431
SHA1:
13d2c85c428b0d6c1ec3cb3b47356ebe1563504f
SHA256:
0599bd56efd0f79556bc72c8ae24a2012032b85aa073eb8f996f11954ed7541e
SSDeep:
24:I0nIdYo5JAjEKBTCnF8q00NAHkqc9SznqU5y15TC1TJSkAVeMNt7Q+FNd8UXfgfX:IFB5JVKRk8mNikqcoqUKlCZckGq+Z8uA
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip
|
MD5:
6fe0fdb495219bf13740d059c853a123
SHA1:
152c25fe2b7d2d3f45f7eba9f8c73100c1019490
SHA256:
c5413b81373d6d61126689686430a1a51e9db3ff8959a85edba330ff60496af1
SSDeep:
48:wgrSf/1M4L/c3gFJAYcFXWBJlQSF9E41kyjx:j6tHjc3gFuL6lNx
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UWvhw1RNRshb5GdG_ENCRYPTED_BY.WHITEROSE
|
MD5:
e8eebeca949231e7ddfd9672f9711411
SHA1:
6e494a7dece82d7f9e1fc0e85bc1d965a020b57b
SHA256:
89668f615ddaec7b3ac893b120ed141b38c3042160958fa2a13d5079ad9d16f1
SSDeep:
12:IL7bsvG7WzIon1EqqwlK1ua2sNpDlCdvvdkr7nyzh/MWN+7XoFycMM/GA9YyR:IL7AGQnBqw8MsNzoHkoxnONM+JyR
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\vQkef0FJoHkXp5BF_ENCRYPTED_BY.WHITEROSE
|
MD5:
bf6d0e666547782fb53158cac1007019
SHA1:
cdd9d4e192077726aa5b52d3fbae60d088f4f70b
SHA256:
079e488585f326202562f94f2f5669328c021b450ddbc41e5fcb2e88b4f6553a
SSDeep:
48:NoXeh9eZDIj2Mm32xpPv4On2prSJ6IBYtLltbvdhGf:YehsXMA2xtgw2prw6BZna
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XvoCapPDZjQGBhis_ENCRYPTED_BY.WHITEROSE
|
MD5:
7c73391b3bd5f4e28566ff8a3ea564ef
SHA1:
96896382b85da6040ce9b89ce482a5c54a662d49
SHA256:
e64cb6a6997280c47ab1d6420c1bad45647df5676ff3ebd1320ebaead5817301
SSDeep:
24:2XqrFJ4EK6i68LuwIdgVyK02xN16ZoK4yXgqtCn3w2ARMa7HZpwUTYj66q:7rX4ETAIOAK02xX6ZoByX+gWa1FL
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\zFOBAfFXviAwx6Jb_ENCRYPTED_BY.WHITEROSE
|
MD5:
d93f24f5b940c6faa94b3802e0a319de
SHA1:
6f6eb888c20cd329a16a38f1c00b2730f6fb8797
SHA256:
0bd0bd402a7cdf5bf4ea32f88b9b7115df9ae6d7b2b7cf2da57773b8e5cf82e2
SSDeep:
24:IaPSU//C6eEq6uTVP/bJ7Tf5CpYaXV6Tvwhp9oHK:IaPN/re96gBFwvwjyMHK
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\3yXCe8S4BtHT6o2F_ENCRYPTED_BY.WHITEROSE
|
MD5:
cc7643c0c8b4ff15e9c9f662eef0eb18
SHA1:
34de482780d1aee8254e5ceb8a7a0419f247fe99
SHA256:
7e00f898fae5ffd5e19c578a552ef12b8a0e1265b774c863069f5aefeab82681
SSDeep:
384:2M6MHDapbutWALVz2KM/JYKIGLS/uhGBYQnk4fe2cc4QJcrsN/Zs+waRouihy8X/:2FMHQIRz2ut0S+7QnhfeKJgKNm/Xa87
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\4erOsWFdHE20DBMN_ENCRYPTED_BY.WHITEROSE
|
MD5:
32cdb74afb02f07e955d084897489532
SHA1:
dfea231d54c82ae58490e2e64aebcf5d1ae41e50
SHA256:
9a6a1314f6f72a8e4ec8286f81d815bd5c1fd2709f7b77473e9d2d369a2995ed
SSDeep:
1536:ukgdkSagYZNuIp1uj8w3FYmKkxmI1dOOp1mooHEjXhBO/w0eREM2q:uXGSN8P1s8wPKkxmU8OcxohBO/vOt
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\6pREql8yuh15fm4Q_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\9YKZ6K5oB0yxNZ0C_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\BznryFvk83vpqn61_ENCRYPTED_BY.WHITEROSE
|
MD5:
7eec4b2f7b44b840b01a250a74827066
SHA1:
5212a32974b1f122ff830f6f87844a1665bb48ac
SHA256:
fa2c482591fcbefc75901384201ad842a614eca7ec076c3155e76bd803afb2af
SSDeep:
48:bzdOB3ivfWwptpACU9r+Pl9z6P57kLfcM:FYIWMtfUAPS57kLkM
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\goRWldTxXYwVTpnc_ENCRYPTED_BY.WHITEROSE
|
MD5:
ec73710326740968c926c7a0d649733e
SHA1:
9810e68b9e49c6408b77160aad74045763dffb50
SHA256:
417535c5acd48d74388953cf09b633f8ad59f78e0b52aabcedf43da2b3b98197
SSDeep:
24:brv0LQ0PDWDt0sDZ6sPodcOV40FOIin4dFrAwf8:br8Lbs61dhFn2/
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\I5Vjgv4rxA3D6D61_ENCRYPTED_BY.WHITEROSE
|
MD5:
f1e20a83e08047a6711c06d0a1327aa0
SHA1:
6e4d81a9cfd401a9b4ed695e1023351596e694bc
SHA256:
149338eb131849cf960930a2c21ba4200233899945bf5426ca075c0a29fd3413
SSDeep:
24:a8p/v4oZLzfFzIbVMvOfhnI80MN2y2vGDfaByS3yS8m8Lwf6uqpuxbDhH:jnLzFzIbVMv/EwGDQV3X8x8SVp6hH
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\JpFxFxFRKrsTDGVs_ENCRYPTED_BY.WHITEROSE
|
MD5:
9f2f770699689f3f1bcb8b958bbe1e22
SHA1:
a716ad660b71ca7e484cdeb2b83f80030f94b102
SHA256:
3ec653a539eeca12565bd36d3979357eaedfa32c31e667e1b1742d9a3b259b37
SSDeep:
24:QuznqV077zPQopEI0FlvvBr9uyCwdYqX6NPoXMzftgOxrEg1r1gaAlO71JPuKNCm:vOeTE73V9Ai6NPoXMzlNWna0Uzgu/P
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip
|
MD5:
1080a942af3d321332e0eaf657a7b308
SHA1:
9fbcb258a95b60beae1e9f49d19c10015c4bf550
SHA256:
52155d07a2450d037647ab494bf42d87170f3f65b6930d029d7d3e2b1cf7b9d4
SSDeep:
24:QVw1SOK5XtfDPhLbc0BFVZVBlKMQHXaMpAoCh4:mw1SFNDBhrVBlKMyX52Lh4
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MZyRjWCHRh2nbh1e_ENCRYPTED_BY.WHITEROSE
|
MD5:
1596c1dded985e45e5a3e9656c012885
SHA1:
3d51ce418764059fedbb87e3babc1f33f7ab0989
SHA256:
3ddabdd1e45ed97ea0f1898e1867df4b29b961a9c36a61f00c65101c4a791504
SSDeep:
768:jm/1lbjIOGLrxtSr8CguUWGQNlgfuU0jso+YYMwyV+9AoCJpBtzPoULWfm5qvq:y/H3ItfxtSfwQNGfuUeso+YY8WoRtzAM
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\qbcfnDRCFhvIdk3x_ENCRYPTED_BY.WHITEROSE
|
MD5:
b95f6d47e50297b4aa5249f6b1443c23
SHA1:
b3ea892d1584dcbfafc0ca4ce4c826a04663f3b9
SHA256:
55ad731f17440550a5cb190ba8f7d838827eace0c28786b1227ca7f1570f1e43
SSDeep:
24:nrELIVfS08YbvipjF+88JtJuoaDMyaTA16NpHfwCCz:nrjVzJbqRF+88JPuDDMbNvp6
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\tRgMKlowZfMmJzU2_ENCRYPTED_BY.WHITEROSE
|
MD5:
e5a9fd06b9843d91b4aa529bfe8b9b93
SHA1:
d319370183a6b28c02758bcafec57535653b8a1a
SHA256:
e4d3ba4fad737c95f347d676894b66f89baf7066146816a0556a81d6a010c83f
SSDeep:
192:dnC4DQfhM2tusSRBu94tPJFXu0OFQXMJLwXtBqtwMHe3Z73Vpcqfo00hyB/V60aS:dnlF+45XWt+tKHCZPcm908BVl
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UBukoW0sMY2fUrov_ENCRYPTED_BY.WHITEROSE
|
MD5:
ad46230d948c65301d35a9ec41549cad
SHA1:
5de93233a6a135036d2f3e8b1164b5fc9a3f755c
SHA256:
4c9b890ceaaa5a1192ddecb8d0187d8367191cbcbba3c9a41066edd7daacfdda
SSDeep:
48:cgF5vrPQF4Q59n7xhS3WvdKGTDtDPGwKAjBtDWVhEeSv/CwIGNsOWiq5:zvrPQeQ5vhS3WVJDPGwNtDWVhEeAOi5e
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\x0ExdOBcvOalngEH_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ZrYHJ59GTzgP4sx4_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Microsoft.NET\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml
|
MD5:
83564da900c8b6fe0f2e926fae2573d9
SHA1:
52e25bc9ecfff9326eb7adcefeb5664e55049078
SHA256:
e1a29a297cf3fbeef781e648ca4a48db5773a45551e6b67cd5ede0644da44453
SSDeep:
192:K1xf8qVOCGGM2949z9BrejMz/H/T2ObjHnYwY9kjJvhzv:y8q4DNdz/ejI/TDjHa9kNt
ImpHash:
None
|
Access, Read, Write
|
Modified File
|
C:\Program Files (x86)\Microsoft.NET\RedistList\cV9Nq0wK3cGBir59_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Microsoft.NET\RedistList\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\browser\blocklist.xml
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\EdrXWn4dqZM5XCXt_ENCRYPTED_BY.WHITEROSE
|
MD5:
f6f9965ae7a17ed4cd7354f0e6d2552b
SHA1:
ce17a245ca49a81de8c13b7c516a26d35b7ad90d
SHA256:
77db90d252892fd1f951ae39c1ece0acbca6c9a1201dc3376d21ad91614c2556
SSDeep:
1536:ResoZUmLLckStseBJSOBXoG3yb4atLg21TDL/S97FyhxYJT:FoZUIokStnJH6JtLg2NfSOhxYJT
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\xbPulTJAomogP4xC_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\07Er72xxVBq3aqVB_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\DpMkn1dkPbdoTUvT_ENCRYPTED_BY.WHITEROSE
|
MD5:
74fbbc219113bea437abc3cec058445f
SHA1:
9ce62b98111d5f3be8e72b4427452116d3ce1982
SHA256:
b22c2ac17abc09957c5087151d561b3ad75253965bbcd2287c42483618de44d0
SSDeep:
48:Ls6o8sE5NqIVhtxcnlFcqRKg27i8lQC/S4/JqymqoD7jPbyHE1iR9xhSQ:qvQpZOnlyqMgc3QC64xqBqQjyHRzbR
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\hCqJqItfDbIKVWxb_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\KroOXuyXQNCc3uVJ_ENCRYPTED_BY.WHITEROSE
|
MD5:
604a06047b191f44ed627a58e9a1dfaa
SHA1:
f0fdde67bcf08a2489e29ab27f112307f8f527dd
SHA256:
bed40c13c081b29450d52afe89e0f97b1bdde03d5204b4fa012153d634859b32
SSDeep:
96:qvQoYN4GQ52ZlcIqo+G7yyCJE7rSNmJ133nOmYgT:vNBQ52ZlHcK/Pj33nuY
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\oF4c2cNTFN8x5wW4_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\uS143jiC7BWG0nUi_ENCRYPTED_BY.WHITEROSE
|
MD5:
02b536797dc8ac0b80051814d27f3379
SHA1:
41d554ddef06667abf4613992f721c72e7d2318e
SHA256:
75f1b1eaa7d4ca8e7d722c57726dad254c29584615b6587ce185b4f3c64d1da8
SSDeep:
48:Ls6o8sE5NLJ7LiEQZ3Yl3SPrGqmJbknn5pccIQqiL1zlPoZRvCoDAK/EhQ5kh1nM:qvQhJnin3Yl3SPrGfVknnSAzlQ/PD//3
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Mozilla Firefox\ctcohNjgDgyaMLsZ_ENCRYPTED_BY.WHITEROSE
|
MD5:
2e8a9af2879879d21d938e726bf08729
SHA1:
ca25c5ef77755f0f31a9f87ed9f3dd89a7a7537c
SHA256:
1afbdf308d18647e47b4b4c30ed84a8bd19efb38e11bc8c84c9676f3521d502e
SSDeep:
384:gTxco6HBpzMaoyZwsW/UJ7BCB1+AqoJ4V7KbXUxfxLjM+2xr4We39fx/SDWI/o3o:K6hpMNsGykL+AfylKw5Gxcb9OLA8IC
ImpHash:
None
|
Access
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\defaults\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\defaults\pref\channel-prefs.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Mozilla Firefox\defaults\pref\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\dictionaries\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Mozilla Firefox\install.log
|
-
|
Access, Read, Write
|
|
C:\Program Files (x86)\Mozilla Firefox\uninstall\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Mozilla Firefox\uninstall\uninstall.log
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Mozilla Firefox\webapprt\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Mozilla Maintenance Service\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\avtransport.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Media Player\Media Renderer\RenderingControl.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Media Player\Network Sharing\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows NT\TableTextService\en-US\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceArray.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceYi.txt
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png
|
-
|
Access
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\logo.png
|
-
|
Access, Read
|
|
C:\Program Files (x86)\Windows Sidebar\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Adobe\Acrobat\10.0\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Adobe\Acrobat\10.0\Replicate\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Adobe\Acrobat\10.0\Replicate\Security\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Adobe\Acrobat\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Adobe\ARM\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Adobe\ARM\Reader_10.0.0\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Adobe\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Application Data\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\Desktop\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\Documents\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\Favorites\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\ProgramData\Mozilla\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\Mozilla\logs\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\Mozilla\logs\I8J3eVKVuSq2Ipgu_ENCRYPTED_BY.WHITEROSE
|
MD5:
60eb67c13aae8068afa985cd39d5719b
SHA1:
84d093fadab10725b1d1b535f35cc3a7039a1b37
SHA256:
28c4c0f5e2eced242210328343de2065cd4d189674fe371eeab50115541fbd8d
SSDeep:
12:shG4ERXxxzx46qF08lvAgPMc10XporzU42H:l4K3xu08J2poc42H
ImpHash:
None
|
Access
|
Dropped File
|
C:\ProgramData\Mozilla\logs\maintenanceservice-install.log
|
-
|
Access, Write
|
|
C:\ProgramData\Start Menu\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\Sun\Java\Java Update\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\ProgramData\Sun\Java\Java Update\jaureglist.xml
|
-
|
Access, Write
|
|
C:\ProgramData\Sun\Java\Java Update\TizQXjdwxpZnZbLy_ENCRYPTED_BY.WHITEROSE
|
MD5:
ac70552d7c769a7a59fb0fd1dcdaa7ad
SHA1:
9db560670ad1500ec9ff2bfa39bbdd3c72943348
SHA256:
d86da7e40c13d317236fc3ebf3bd1520779e9a64d2d6e09a7e878560bf600b1d
SSDeep:
6:QQd6ztS6NUHso705MbyPe7ofbL8J2bFcN8KbsFhJjM1tU9bU21nGtBaDg4Wef2RH:F6zqMo+MbyPKofPKnAFfw4J96Cg4mR/v
ImpHash:
None
|
Access
|
Dropped File
|
C:\ProgramData\Templates\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Recovery\e9e23962-4a25-11e7-88e8-91fb2ec43f0b\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Recovery\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Adobe\Acrobat\10.0\Cache\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Adobe\Acrobat\10.0\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Adobe\Acrobat\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Adobe\Color\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Adobe\Color\Profiles\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Adobe\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Apps\2.0\Data\CJW3O3KP.BX7\6NG60CXZ.9GJ\goog...app_baa8013a79450f71_0001.0003_290679d077f4cfec\Data\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Apps\2.0\Data\CJW3O3KP.BX7\6NG60CXZ.9GJ\goog...app_baa8013a79450f71_0001.0003_290679d077f4cfec\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Apps\2.0\Data\CJW3O3KP.BX7\6NG60CXZ.9GJ\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Apps\2.0\Data\CJW3O3KP.BX7\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Apps\2.0\Data\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Apps\2.0\DQQ19BCJ.JAX\YVORLGOR.PNT\goog...app_baa8013a79450f71_0001.0003_290679d077f4cfec\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Apps\2.0\DQQ19BCJ.JAX\YVORLGOR.PNT\manifests\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\GDIPFONTCACHEV1.DAT
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Crashpad\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Crashpad\reports\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000003.log
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\nm8HzASWqe6G0fi6_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extension State\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extension State\JBnIEdQu2bJKCUTV_ENCRYPTED_BY.WHITEROSE
|
MD5:
87faa32a304c06b3deb076d5ab2bc6a5
SHA1:
35c9cfebe51df14d3c841c0dda5091cb1fa187c9
SHA256:
f625a12cc34207a6fea163921727d334f462fea31496ed68833e2b6aa7f2a6fa
SSDeep:
24:uDXzNigYsW4GRNkhERWMTnHkv1nmfvenaYfmTGASeLsumo4+nFPOPMTPGlRx+:UMgYCGrWQEdmfTYfpC4mTP6Rx+
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\C8QQWnjnzCbwYDSV_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\icon_128.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\icon_16.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\main.html
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\main.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\PgfYPGyHQXHidrtk_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\Ve9VvYwzrFqxqlZ9_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\w0YSf7kvYUsiLJm8_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\CmVJhcPfoIiqQBkm_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\icon_128.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\icon_16.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\IkOGYvO81r2F4vQa_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\main.html
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\main.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\pcvBoVBW0oNFBNKX_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\128.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\OyLw1CjRqfRO9mOq_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\128.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\4Lp5vLXMZA86tq1p_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\4iuFnqKiADYEXKog_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\icon_128.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\icon_16.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\KaczOQw8IBKEv3h4_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\main.html
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\main.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\NK7UseuXQsi95EnP_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\RiZe8DrNXjRCCftB_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\128.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\AhG548ZZNa3GctR2_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\contentscript_bin_prod.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\eventpage_bin_prod.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\JOsmoOUGwKjoY1sB_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\page_embed_script.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\SldEKuQoejB8Jv5b_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\tf5BtDElLyES5Tra_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\bg\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\ca\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\craw_background.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\craw_window.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\css\craw_window.css
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\css\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\css\uV4ElyV2G6nWVFD1_ENCRYPTED_BY.WHITEROSE
|
MD5:
5a8a79397ce99997715d4d89d825ad0a
SHA1:
f65faf10810a7ba428906f827107fe8781c3a9a1
SHA256:
d88a578bf8125e2ccb7b5d83a8a439bf88d93712bf36c02044c686c3b5f139ac
SSDeep:
48:+1yqgeivTqssOSDaxEy8L1SoypWdQJJ1T9KYzUspTI2bYRjqV:+IkibqssruBQ0MdQJjDrpT3a2V
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\html\craw_window.html
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\html\hmsDd9P1rHoj7Rju_ENCRYPTED_BY.WHITEROSE
|
MD5:
bc9665dff290e29eba3a4ab73e5a2bf8
SHA1:
50473e539698308a56a75d32f0b3eb6cd67b43ac
SHA256:
5003c04610755b640e013e1e82bc3a0e18674587e67253c9e978a4ddb8a79d97
SSDeep:
24:rsuH4qEexi8eVA0AjGHF1O4HkPf6VYILvroGULB5e7gF5vkTgemb:zxi8eojGHnO4HkPf6VvLrozLBdrggemb
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\3O5SiXzEHvJNcKj5_ENCRYPTED_BY.WHITEROSE
|
MD5:
7fb011160fc8119c9ecc279250316895
SHA1:
f504fbe910645ef4c997552962148d8afd6a7ae4
SHA256:
5714d703503219c9d6ccc4b480c2162915f5818426ab3c2cd2cea0e69b9acb71
SSDeep:
96:80JoXguUaOBkG1jtsSHclZiLo3ORnmOTWbOAeFxacQmP60nsJ:80J9bsS8niLo+RnmwUum3mXnsJ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\aZ7XeBTWceAgpd7b_ENCRYPTED_BY.WHITEROSE
|
MD5:
1d25f55184b3127aea80df9a3933bd1c
SHA1:
85e4c38ab5c413f84f8f16feeadf92f7691607d9
SHA256:
7c9e33736a7c662d273e59bffa61f195d610d58ca903dff13c9895b7392efe5e
SSDeep:
12:5bChGNEqduHO7TzrOjXUkT/5EciW0gHr2GFfCc5:5bwGSvu7c4gHqG1Cc5
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\FidQwAzJ8OnD0HGs_ENCRYPTED_BY.WHITEROSE
|
MD5:
df177144dfe1e479e2d842d1af02bd70
SHA1:
e8196b26fb1aaf90fe21f4b28bc626e98a532fd1
SHA256:
1729342c2ade240dc87225bf69c91d83720f1c328b8079c29797a257f221a2be
SSDeep:
12:5bChGNEPCw2qiV9fD2YjwdC8q9CZcZoQwSH:5bwGSPjOF2OwFq0ZcZoQwSH
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\flapper.gif
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\icon_128.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\icon_16.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\JFMNJmmsPsuNL3cQ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\MkQi86Ul0pLrhh6j_ENCRYPTED_BY.WHITEROSE
|
MD5:
aa7cec384a815dd30915fa5f4f065047
SHA1:
abf435bf8a5393a34db7422892a201b76a2f8480
SHA256:
87f3f1815740682f92e9e7884971976fd84d5cde74bf30534976f56bd7ad7c86
SSDeep:
6:lxBikbCQEG151qQvMyYYEQZES1EDYvnGvT+sYPebzsdPgeHnTeriTrh2n7MJb/l0:5bChG58yT6SvOiRIkPghwrh2n7Av6V
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\PDFKqEkkqad2YWIE_ENCRYPTED_BY.WHITEROSE
|
MD5:
5f9a4c3d663bdadf3e38bdf993b48eee
SHA1:
47deb20c1b5232869a1831d546fcaa459c5c8a69
SHA256:
09558cb3a71c54b79c116dd90d90277d809b1c6ade84a6436e4c489a061fec91
SSDeep:
1536:oo8F8TdUN7Nv5Xf4AVjZ3X/TxLWaUsomX0AELbcxU6p:n3ONv5Xf4sFPTxKhsoQp
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\topbar_floating_button.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\topbar_floating_button_close.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\topbar_floating_button_hover.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\topbar_floating_button_maximize.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\topbar_floating_button_pressed.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images\x9bLBWgrA6vaWdUk_ENCRYPTED_BY.WHITEROSE
|
MD5:
6218b178adceb1900d7b6c1abd598385
SHA1:
aaa05d2b9b8c2f3bcd73daa7fffe64e5840fefda
SHA256:
6004611eab7828afe0bfbae6ffec9b01c56edb24dd60d2f4662bb968db14cf48
SSDeep:
12:5bChGZDTfE1UmdbI/g9jQIV/VB8pOEhrB9qEdVmb:5bwGZvE1UmjQIVtB4HrdVmb
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\MtwSMwsAPIA4uek6_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\Q3pcqVpqXy0x3RqR_ENCRYPTED_BY.WHITEROSE
|
MD5:
6ff7705bd061567d3b11a691929259bf
SHA1:
415790dc59111f644b729e7c107ae30a4ba54f3c
SHA256:
461fdc22f16e70afca83e93c3710762e5db14cf255ffeb6d4fcd6fea38e7a0af
SSDeep:
6144:WmaAwWdCwbmS/8j2Jbl0doyt2fU2eecAF+yOjcUA3fXgZjQDyBEi:/DhdCw7/vbl0dsheQ+yOo3ajcyBEi
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\128.png
|
MD5:
1206d040b66098663b2be28909e622cd
SHA1:
d9646cc4ba1c5dd76c07c140d4d0480fb36983dd
SHA256:
ddebbff78ca120ad154869ef0772160fbbf4aa45eef7835c73f7602727851b29
SSDeep:
192:8/FwUHrcjHpHtwLdUN707eTPQkfkBcysMT:8/FnyXwxUJ07eT0Oysa
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\am\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\angular.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\background_script.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_game_sender.js
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_route_details.html
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_route_details.js
|
MD5:
d53b98ae34a46a7623626f01d0284586
SHA1:
ff6c2523e597aa864edda23b085ce7333a071a23
SHA256:
0d19eaebaaacee03e6a432b592d11d60d2265950437169cdb0e40297326996d2
SSDeep:
6144:BR6ARySX5u96k9cj56d/Fa0lZ/C93BTdZRkYvyNGYEP:B8UySXVcDaoq9x5T3yCP
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_sender.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\4Z0hrhbaTxOb2Y1Y_ENCRYPTED_BY.WHITEROSE
|
MD5:
a656c8ee8dda6b17e4cb5dbe94141a1a
SHA1:
fda6b4768ef893e9994cab70100f32eac6fdafce
SHA256:
9c503b25d40f74e0e04f987a58114a9d2a876da3aa62b2a4ac02a6ab78e09854
SSDeep:
6:eOUQhdqYeMJb0gra+cRqISqrU3KUce7lStLKP53CGXKIZsauC:/UQhcYe606a+cAISoU3CeRS0skbl
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\cast_app.css
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\cast_app.js
|
MD5:
1e3565e96d63b7acc42e9fffc4025104
SHA1:
a47c9fb4c0c0c840ce5f6034a3feb378012c3eeb
SHA256:
394b29873dca1e59392653497fe1d5c4649303b1c481a6bf38ff294e411105d4
SSDeep:
3072:l/Noty/ozWwKEDULuUQ2U7wD66nlqwMdXckZTBwN3lj2TT9rI:l/Noty/ozrACUe6lqwMVcGTGj2T5I
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\cast_app_redirect.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\chromecast_logo_grey.png
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\devices.html
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\index.html
|
MD5:
c9ad64b5e871a5619dd68b3531c57f18
SHA1:
efeb40b69364fac0213fdbcfd3cef15fddbde731
SHA256:
08a59e3919fa7074249e071961542ec8b248960cad1970463f5014047a97e380
SSDeep:
48:/mQSYJceOIs+aiTRG18uXL4Q3sZISXn1+3F+aOYuik8p01+Vst:NSYJ/s+aBoOQnqkYRk8prst
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\iUhfMv5XQzUXs8PR_ENCRYPTED_BY.WHITEROSE
|
MD5:
70386aa14fb96e0c40f01a05851dd1ae
SHA1:
528028c50b365a67500a9888cf2b1781c31db898
SHA256:
1533a9fcd8fb70a1fbd33dc0a84acd68e69eb58508bc14b30492282b18197196
SSDeep:
192:fjHxTwbM+6xqZbXkstQ47I4xfDViJ4H5dC2:fjNwuxHDWIkhiJ4dC2
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\KFvPp6NTCh0QDYjm_ENCRYPTED_BY.WHITEROSE
|
MD5:
43ae4bbdd1e3f4c4cd7f33f301e26e36
SHA1:
49130dff45a1993b0f9cef86eaff57d2533621f1
SHA256:
9b59e1846635326c0f255058365a262c19ef897a58f6304af23ccafb26525e84
SSDeep:
12:uoOLGwoZRqMYlQ7dS3OyYQ5MeC9XXqzDpebc5V:zZZRtPdIOPQaecsDpebcV
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\NMuKW0yfkbyVFUOZ_ENCRYPTED_BY.WHITEROSE
|
MD5:
740307de7ee232cfb1fdb5553c9d0df7
SHA1:
2ff7b8c04aa62a661e96654706aaa91dd5021b57
SHA256:
ac434161f15871c4c969bd43b0818c84c305b6aed895e1389f676461b1619a8b
SSDeep:
6:eOUQhdqKDXJZ/0wSUq+WzW9r3DwsRp4DfPVNMyFs1H1xZEBgFtAeeDOIutxmOBWO:/UQhcYXHLXFwHDfd+ymrMcGeeo7WO
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\offers.html
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\sBYeJIWta0zp8W8b_ENCRYPTED_BY.WHITEROSE
|
MD5:
5c1fc12dc61ad7d77804d93bebc21df1
SHA1:
4744731e26d24e8952a39b827dbea40d2959f418
SHA256:
4ea42e377be30a2e27b56334fd022a27b6cf67cb28fcb64ea86bdadacbe455dd
SSDeep:
192:W691/lkI4+YjWQBwl+CmAlkxc94rh9i9t4jaWbjC8uy8j:7vsMgCVYr7jaCNu9
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\setup.html
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\XV703HCg6ImNQqHt_ENCRYPTED_BY.WHITEROSE
|
MD5:
772395c8920050fcb7a6b1e68689d23c
SHA1:
40317aa0a403857e9bf6caa3960a3739be632849
SHA256:
85ed8da875a2585fd76f8e5da231eb13b239de5c2ec70aef14d26d3e3d9fc305
SSDeep:
6:eOUQhdqRrdQ3KRwLfzaOAa5cFG7Pmcr/Sbt9JgNljNnKRgOuPJvMKjXiXew:/UQhc5dQ3KRw7zaOAycFG7qDghNMwyXZ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cloud_route_details\c9KGxQfaD4C5btTs_ENCRYPTED_BY.WHITEROSE
|
MD5:
11b7281e8413032aea060678de46f61b
SHA1:
ed789ef76d0a8264aec42e62eacea5b6b264bd1a
SHA256:
ec9587fcf427ce7c27fec5921831d2ca1871011c01f636ce457d25969d5d7395
SSDeep:
48:5TUXhR+Hkn14ZxI3/yiQI1v2MGenO9Fv4rUo+9LHOWyPv+EXKbkziZ:5W3+En1ua3/y0v5nns4EjOWEmBZ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cloud_route_details\HOW-TO-RECOVERY-FILES.TXT
|
-
|
Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cloud_route_details\view.html
|
MD5:
7ada0d6943bb77701a08d7f91803421c
SHA1:
67915111baf6a4fbfc82ed18114c328ec8e5975e
SHA256:
d348a3b5f67e5c022af5d6243108a7fb3a4803d6b9b51b896deda88c33aa33c4
SSDeep:
96:62YRD3urlA49DRIHm3AbmoLsQuaGFJtwwKYT23aVUUOwz0Ccp5Wpcly04U:62QuDaHzERwwKBqKUJRKWclz
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cloud_route_details\view.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\common.js
|
MD5:
98fcd76ff5fd5fd86a48f6262707da09
SHA1:
c8badfa274c7dfa770d507e117f930a310a7c4f4
SHA256:
2b70cf94a4741fd21d374d146aa4a67f5c895e72b3a196328b38bb800e109d4e
SSDeep:
1536:1F/2xfULPxqq6Sfe9wLPrF5ueSLdufik4MnTb:1JPdYS3jF5kLMfBBTb
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\EzJoIwkSI8x04C3z_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\feedback.css
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\feedback.html
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\feedback_script.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\HGIjdA7eq2Xc7yvb_ENCRYPTED_BY.WHITEROSE
|
MD5:
d53b98ae34a46a7623626f01d0284586
SHA1:
ff6c2523e597aa864edda23b085ce7333a071a23
SHA256:
0d19eaebaaacee03e6a432b592d11d60d2265950437169cdb0e40297326996d2
SSDeep:
6144:BR6ARySX5u96k9cj56d/Fa0lZ/C93BTdZRkYvyNGYEP:B8UySXVcDaoq9x5T3yCP
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\iNnNLdANw83t6F4S_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\jmcFVQgqew4nYNr2_ENCRYPTED_BY.WHITEROSE
|
MD5:
cae7c18490237ba763ff0133aea3c1d0
SHA1:
3cd901d5c62278d9a3b9dd0fa8c23c9846ae1217
SHA256:
8949e1f15d6b496a5364f2e5b471ed0933ca17c350160a702c1ee5c0f649455f
SSDeep:
48:FCiGfJ3x8Fs7gp+mIQ7gcHtY1Tq9rNLT2g2L19na/Um86xU8EeS:AfJaFmG+meUHf2L3CX86xUZ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\material_css_min.css
|
MD5:
49ccbc8ba575e9bfaf3bd05bc074d870
SHA1:
ee6a3bea7ee991f104aafb532e95b01b2517f094
SHA256:
7fccef9f56640ad809e9ea573541cade59c3646c40c549eff296aa90f2d2c6ce
SSDeep:
6144:ytthGAC0788/C39RLtJYA6NfGOhx7lar4+IXtqrhPtG0ckHeklONhWyN:ye07TKRUGxr7IX4h1PHe0fyN
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\mirroring_cast_streaming.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\mirroring_common.js
|
MD5:
0e62aeb9e2021a82f4b5ff7aa926cdfa
SHA1:
b47cbb169cb75c2d6ec724c54d435143b63ed98c
SHA256:
b9d905475e35ec4a4c1b6797ae0b4db26ff93d6e8f3bfe56de76a78322028a05
SSDeep:
3072:GF5yyWfPxBJ5PJaJIigbGxdIiXbah33ziQm6RrNi3D6df0Y5G6gFSz2Tisug:QghrigbkbahWuVI3Dyt5GLFS6Kg
ImpHash:
None
|
Access, Write
|
Modified File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\mirroring_hangouts.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\mirroring_webrtc.js
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\nEAqnjs8L6rmCtbG_ENCRYPTED_BY.WHITEROSE
|
MD5:
f1cc8577eda16d576ba24f92d08ca427
SHA1:
388388a7b8509f89426836c05141bf4e6e35e2fc
SHA256:
01dbf86422fad3d2332a77e91d6ac0d0d02fbe49a40fc95f2e49ba47481b9ad9
SSDeep:
96:etnkgnqWa1rGVJFyAwrJT/La/kKOpYnOvRXhaoxt09YX2Ac2N4y:etfqWcSzeJDlloSRXTX2V2Nl
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\O46MCRADkWf1eiRJ_ENCRYPTED_BY.WHITEROSE
|
MD5:
0e62aeb9e2021a82f4b5ff7aa926cdfa
SHA1:
b47cbb169cb75c2d6ec724c54d435143b63ed98c
SHA256:
b9d905475e35ec4a4c1b6797ae0b4db26ff93d6e8f3bfe56de76a78322028a05
SSDeep:
3072:GF5yyWfPxBJ5PJaJIigbGxdIiXbah33ziQm6RrNi3D6df0Y5G6gFSz2Tisug:QghrigbkbahWuVI3Dyt5GLFS6Kg
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\PpPZ3Tc5xNFfNlGa_ENCRYPTED_BY.WHITEROSE
|
MD5:
124af2343f593eda514ac1b2cb052055
SHA1:
71e022f62009a9423d7b302a8d3f70b8812d019b
SHA256:
c26d0fc93912cf8a2030189312efa5bbb515698185329aae0390ae431a2395d0
SSDeep:
384:UBrwHz6bCLUpq4ByyR+4bcxrcbSu3JIoze1o/PhjIG6I:U58NLUg4Byyw8uu3Jpz9j+I
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\PuZaKcN8KTopLZsT_ENCRYPTED_BY.WHITEROSE
|
MD5:
09a5062f7609ddb0cc7a9b598ab8f991
SHA1:
445fcad0ad549cb206f7262c6ebee6b25b329c57
SHA256:
037c3fdda50bb410d2a8fca6037460c8a4d6171c9f1ef42b7210aa4cb8877758
SSDeep:
768:J54BNMhltkGBRQD3N1miQIaSqk7csQcpxftIg6i:+yhltkGBRQ3Tv97ccDVIgV
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\PXUATy1A0QxQgF53_ENCRYPTED_BY.WHITEROSE
|
MD5:
874bddc142b8830a30ecddb6d1ce68b3
SHA1:
f526fd21ea1bcf42dd362a7ac30994cb966df935
SHA256:
7341391bb3ccfc8b281b34048d582ccdec272ac3ba84f51794cd395ec1bd4b19
SSDeep:
192:wBGJvBsUzyBg5PNXmcyb1TRcmh7QJnNRBvApfVXSfHXWmjFJE0/MwmVjFvqzg3qG:9ZsU2WlNXmc81TRPivQfcPRHf/nmZ
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\QdtCzg2X0AeVQ58M_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\SBY7ggxtsNOuNVXv_ENCRYPTED_BY.WHITEROSE
|
MD5:
5a996a0154b665a69acbd9a410fe9688
SHA1:
1ee96824f45316a53084ec8186e907a01df411f8
SHA256:
cc142f3706a57025994c366cb7d4eb1e1693cc1809119b5633f790f111a2bf90
SSDeep:
12288:1/5qtSFRmJtv1yOVCF8/RP9Uj0W5u/5dlBzl:sSFRmJtv1zBFqj0xxdlB5
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\v4X8mQpaZxfpi8pZ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\wDg9RlBiSBRuTGop_ENCRYPTED_BY.WHITEROSE
|
MD5:
b390fd91d8409968c6cc47e338fe3b5f
SHA1:
2d52659c6d159b7cde29c884dfb99f44b7ac77aa
SHA256:
8e91c43e96114083a78c8f442a020e2d028dfa31f0e1b324c126b79893ae2fc1
SSDeep:
1536:WRGtG6uxMZLOtv6Nhk8b68YUB0kQzQb/Y:ls6uxMZ+6LjJhfv7Y
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\000003.log
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\3atFUVmhhJfwXeyn_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Nw2fIEpLjTHuJyO0_ENCRYPTED_BY.WHITEROSE
|
MD5:
20ed47c674c6301a7cb572dd883ffbe1
SHA1:
26012205ac78c6a49490f8c30c33e90813a0e950
SHA256:
bfe2bb524480f9b4a17defd14e5ff792817dc0ff6aad0608227c96893b42d106
SSDeep:
384:uvGMWh4OaZOrXnWuh8EP1BjN5So8bvpf3Z6JkEVT2TQe825ge:u6KO5zOENBh4vpvZMTnC
ImpHash:
None
|
Access
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\previews_opt_out.db
|
-
|
Access, Write
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\000003.log
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aohghmighlieiainnegkcijnfilokake\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Web Applications\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\EVWhitelist\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\FileTypePolicies\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\OriginTrials\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\PepperFlash\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\pnacl\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\SSLErrorAssistant\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\SwReporter\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\WidevineCdm\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\CrashReports\HOW-TO-RECOVERY-FILES.TXT
|
MD5:
6ed7c0eecfdea7c82c69f9073d01c89b
SHA1:
0de0a5738bd9fa34e202bcf66f052c36b2eee735
SHA256:
bdd1f3afc77b2f61647e6f550a5b9ccec01aef70ed904d38b2f45f24d722994b
SSDeep:
192:1ezYQYB9PreN6IHiO5fMLkm7Hg+atdMpTn8TN:1egPrediONMBl8MtncN
ImpHash:
None
|
Write
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\IconCache.db
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\OfflineCache\GDcWhr96VPQLRe39_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\OfflineCache\index.sqlite
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\thumbnails\4cc87c1409819bf06f42b782d4902b2f.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\thumbnails\ba182bcd131f1f3c6b6fbbb1ba078341.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\thumbnails\ce8c0453589216a67cddb50284fbfe8d.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\thumbnails\Gbhx08VBwSIlkyqZ_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\thumbnails\IdwXMXjcPTsQrO2z_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\Firefox\Profiles\silmbjec.default\thumbnails\n41rzwHpFQtkTQjM_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\updates\E7CF176E110C211B\active-update.xml
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\updates\E7CF176E110C211B\CfEZ7FlkcaJBeUvL_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\updates\E7CF176E110C211B\LNphqmh4WK2k1q8l_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates.xml
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\RUAcVqcu4yODkTkw_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\16rSoPuZ1qv-.swf
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\2aa-Boe9Sxh.swf
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\4Kiw4x4U10gpQmXv_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\584KszFkb1GFnpMX_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\6XcCSOAuN2uqc.doc
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\AdobeARM.log
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\ame19xzFVPgizwlN_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\CxmsUH1E1Go.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\dfxvS6m.flv
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\DL5C.mp3
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\eIakVV.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\fh93AKAvtknamxDTPKd.mp4
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\FQx AKHh2ppG_EGqk.mp3
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\fR BgKrKddnOz -dLax.png
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\fxi1tJu.gif
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\FXSAPIDebugLogFile.txt
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\GCA1 VpB5EYW.wav
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\lSABC8f7Rbuqh65J_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\OrtNO6PWfHhZwFZP_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\oxE91POZa0M6OkWc_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\uvw6H8MRMRui2er1_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\Vzgs8SJCtpoXCTan_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Temp\yqaDLym87zt48Tme_ENCRYPTED_BY.WHITEROSE
|
-
|
Access
|
|
C:\Users\5p5NrGJn0jS HALPmcxz\NTUSER.DAT
|
-
|
Access
|
|
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\config\machine.config
|
-
|
Access
|
|