General Info

File name

kkk

Full analysis
https://app.any.run/tasks/e3038d72-0a76-4ec6-a9aa-e03f804c826c
Verdict
Malicious activity
Analysis date
3/14/2019, 16:01:13
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

MIME:
application/x-dosexec
File info:
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5

8efe63fbec56da047389523c77654ef6

SHA1

b73fc2ceceb2b76cf1f8e5ae5987a5ed52e512c4

SHA256

bfc97f484b27a23ce32d54a542422938b66b537f956ba0a9cd69b7ab64190efa

SSDEEP

196608:ZBqsN8Fwc75pl5sDSOmRSdE+K5Uy2TVMP3HxRYAsxMdyEW:/N87PsS9Sm+3VMPHfYDxdf

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
240 seconds
Additional time used
180 seconds
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Application was dropped or rewritten from another process
  • nsC5CC.tmp (PID: 3200)
  • Tomcat7w.exe (PID: 4060)
  • nsC6A8.tmp (PID: 2172)
  • nsC793.tmp (PID: 3276)
  • Tomcat7.exe (PID: 3516)
  • nsC4E0.tmp (PID: 1868)
  • Tomcat7.exe (PID: 3772)
  • nsC01D.tmp (PID: 3040)
  • Tomcat7.exe (PID: 3556)
  • Tomcat7.exe (PID: 3688)
  • Tomcat7.exe (PID: 2652)
  • Tomcat7.exe (PID: 2760)
Changes the autorun value in the registry
  • kkk.exe (PID: 3864)
Loads dropped or rewritten executable
  • kkk.exe (PID: 3864)
Creates files in the Windows directory
  • Tomcat7.exe (PID: 3516)
Creates files in the program directory
  • Tomcat7.exe (PID: 3516)
  • Tomcat7.exe (PID: 3772)
  • Tomcat7.exe (PID: 3556)
  • kkk.exe (PID: 3864)
Creates a software uninstall entry
  • kkk.exe (PID: 3864)
Creates files in the user directory
  • kkk.exe (PID: 3864)
Starts application with an unusual extension
  • kkk.exe (PID: 3864)
Executable content was dropped or overwritten
  • kkk.exe (PID: 3864)

No info indicators.

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Static information

TRiD
.exe
|   Win32 Executable MS Visual C++ (generic) (67.4%)
.dll
|   Win32 Dynamic Link Library (generic) (14.2%)
.exe
|   Win32 Executable (generic) (9.7%)
.exe
|   Generic Win/DOS Executable (4.3%)
.exe
|   DOS Executable Generic (4.3%)
EXIF
EXE
MachineType:
Intel 386 or later, and compatibles
TimeStamp:
2018:01:30 04:57:38+01:00
PEType:
PE32
LinkerVersion:
6
CodeSize:
25088
InitializedDataSize:
118784
UninitializedDataSize:
1024
EntryPoint:
0x3328
OSVersion:
4
ImageVersion:
6
SubsystemVersion:
4
Subsystem:
Windows GUI
FileVersionNumber:
7.0.90.0
ProductVersionNumber:
7.0.90.0
FileFlagsMask:
0x0000
FileFlags:
(none)
FileOS:
Win32
ObjectFileType:
Executable application
FileSubtype:
null
LanguageCode:
English (U.S.)
CharacterSet:
Windows, Latin1
Comments:
tomcat.apache.org
CompanyName:
Apache Software Foundation
FileDescription:
Apache Tomcat Installer
FileVersion:
2
InternalName:
apache-tomcat-7.0.90.exe
LegalCopyright:
Copyright (c) 1999-2018 The Apache Software Foundation
ProductName:
Apache Tomcat
ProductVersion:
7.0.90
Summary
Architecture:
IMAGE_FILE_MACHINE_I386
Subsystem:
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date:
30-Jan-2018 03:57:38
Detected languages
English - United States
Comments:
tomcat.apache.org
CompanyName:
Apache Software Foundation
FileDescription:
Apache Tomcat Installer
FileVersion:
2.0
InternalName:
apache-tomcat-7.0.90.exe
LegalCopyright:
Copyright (c) 1999-2018 The Apache Software Foundation
ProductName:
Apache Tomcat
ProductVersion:
7.0.90
DOS Header
Magic number:
MZ
Bytes on last page of file:
0x0090
Pages in file:
0x0003
Relocations:
0x0000
Size of header:
0x0004
Min extra paragraphs:
0x0000
Max extra paragraphs:
0xFFFF
Initial SS value:
0x0000
Initial SP value:
0x00B8
Checksum:
0x0000
Initial IP value:
0x0000
Initial CS value:
0x0000
Overlay number:
0x0000
OEM identifier:
0x0000
OEM information:
0x0000
Address of NE header:
0x000000D8
PE Headers
Signature:
PE
Machine:
IMAGE_FILE_MACHINE_I386
Number of sections:
5
Time date stamp:
30-Jan-2018 03:57:38
Pointer to Symbol Table:
0x00000000
Number of symbols:
0
Size of Optional Header:
0x00E0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED
Sections
Name Virtual Address Virtual Size Raw Size Charateristics Entropy
.text 0x00001000 0x00006077 0x00006200 IMAGE_SCN_CNT_CODE,IMAGE_SCN_MEM_EXECUTE,IMAGE_SCN_MEM_READ 6.40397
.rdata 0x00008000 0x00001248 0x00001400 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 5.04426
.data 0x0000A000 0x0001A838 0x00000400 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 5.22445
.ndata 0x00025000 0x0001E000 0x00000000 IMAGE_SCN_CNT_UNINITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 0
.rsrc 0x00043000 0x00006E68 0x00007000 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 4.3461
Resources
1

2

3

4

5

6

7

8

9

102

103

104

105

106

107

110

111

Imports
    KERNEL32.dll

    USER32.dll

    GDI32.dll

    SHELL32.dll

    ADVAPI32.dll

    COMCTL32.dll

    ole32.dll

Exports

    No exports.

Screenshots

Processes

Total processes
53
Monitored processes
15
Malicious processes
2
Suspicious processes
0

Behavior graph

+
drop and start drop and start drop and start drop and start drop and start drop and start start kkk.exe no specs kkk.exe nsc01d.tmp no specs tomcat7.exe no specs nsc4e0.tmp no specs tomcat7.exe no specs nsc5cc.tmp no specs tomcat7.exe no specs nsc6a8.tmp no specs tomcat7.exe no specs nsc793.tmp no specs tomcat7.exe no specs tomcat7w.exe no specs notepad.exe no specs tomcat7.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
3364
CMD
"C:\Users\admin\AppData\Local\Temp\kkk.exe"
Path
C:\Users\admin\AppData\Local\Temp\kkk.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
3221226540
Version:
Company
Apache Software Foundation
Description
Apache Tomcat Installer
Version
2.0
Modules
Image
c:\users\admin\appdata\local\temp\kkk.exe
c:\systemroot\system32\ntdll.dll

PID
3864
CMD
"C:\Users\admin\AppData\Local\Temp\kkk.exe"
Path
C:\Users\admin\AppData\Local\Temp\kkk.exe
Indicators
Parent process
––
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Apache Software Foundation
Description
Apache Tomcat Installer
Version
2.0
Modules
Image
c:\users\admin\appdata\local\temp\kkk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\version.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\riched20.dll
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsdialogs.dll
c:\windows\system32\comdlg32.dll
c:\users\admin\appdata\local\temp\nsc9bac.tmp\system.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsexec.dll
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc01d.tmp
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc4e0.tmp
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc5cc.tmp
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc6a8.tmp
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc793.tmp
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7w.exe
c:\users\admin\appdata\local\temp\nsc9bac.tmp\userinfo.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\notepad.exe
c:\windows\system32\netutils.dll

PID
3040
CMD
"C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC01D.tmp" "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //IS//Tomcat7 --DisplayName "Apache Tomcat 7.0 Tomcat7" --Description "Apache Tomcat 7.0.90 Server - https://tomcat.apache.org/" --LogPath "C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs" --Install "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" --Jvm "C:\Program Files\Java\jre1.8.0_92\bin\client\jvm.dll" --StartPath "C:\Program Files\Apache Software Foundation\Tomcat 7.0" --StopPath "C:\Program Files\Apache Software Foundation\Tomcat 7.0"
Path
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC01D.tmp
Indicators
No indicators
Parent process
kkk.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc01d.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7.exe

PID
3556
CMD
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //IS//Tomcat7 --DisplayName "Apache Tomcat 7.0 Tomcat7" --Description "Apache Tomcat 7.0.90 Server - https://tomcat.apache.org/" --LogPath "C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs" --Install "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" --Jvm "C:\Program Files\Java\jre1.8.0_92\bin\client\jvm.dll" --StartPath "C:\Program Files\Apache Software Foundation\Tomcat 7.0" --StopPath "C:\Program Files\Apache Software Foundation\Tomcat 7.0"
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
Indicators
No indicators
Parent process
nsC01D.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Apache Software Foundation
Description
Commons Daemon Service Runner
Version
1.1.0.0
Modules
Image
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
1868
CMD
"C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC4E0.tmp" "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --Classpath "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\bootstrap.jar;C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\tomcat-juli.jar" --StartClass org.apache.catalina.startup.Bootstrap --StopClass org.apache.catalina.startup.Bootstrap --StartParams start --StopParams stop --StartMode jvm --StopMode jvm
Path
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC4E0.tmp
Indicators
No indicators
Parent process
kkk.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc4e0.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
2652
CMD
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --Classpath "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\bootstrap.jar;C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\tomcat-juli.jar" --StartClass org.apache.catalina.startup.Bootstrap --StopClass org.apache.catalina.startup.Bootstrap --StartParams start --StopParams stop --StartMode jvm --StopMode jvm
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
Indicators
No indicators
Parent process
nsC4E0.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Apache Software Foundation
Description
Commons Daemon Service Runner
Version
1.1.0.0
Modules
Image
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
3200
CMD
"C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC5CC.tmp" "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --JvmOptions "-Dcatalina.home=C:\Program Files\Apache Software Foundation\Tomcat 7.0#-Dcatalina.base=C:\Program Files\Apache Software Foundation\Tomcat 7.0#-Djava.io.tmpdir=C:\Program Files\Apache Software Foundation\Tomcat 7.0\temp#-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager#-Djava.util.logging.config.file=C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\logging.properties"
Path
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC5CC.tmp
Indicators
No indicators
Parent process
kkk.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc5cc.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
3688
CMD
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --JvmOptions "-Dcatalina.home=C:\Program Files\Apache Software Foundation\Tomcat 7.0#-Dcatalina.base=C:\Program Files\Apache Software Foundation\Tomcat 7.0#-Djava.io.tmpdir=C:\Program Files\Apache Software Foundation\Tomcat 7.0\temp#-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager#-Djava.util.logging.config.file=C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\logging.properties"
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
Indicators
No indicators
Parent process
nsC5CC.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Apache Software Foundation
Description
Commons Daemon Service Runner
Version
1.1.0.0
Modules
Image
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
2172
CMD
"C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC6A8.tmp" "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --JvmOptions9 "--add-opens=java.base/java.lang=ALL-UNNAMED#--add-opens=java.base/java.io=ALL-UNNAMED#--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
Path
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC6A8.tmp
Indicators
No indicators
Parent process
kkk.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc6a8.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
2760
CMD
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --JvmOptions9 "--add-opens=java.base/java.lang=ALL-UNNAMED#--add-opens=java.base/java.io=ALL-UNNAMED#--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
Indicators
No indicators
Parent process
nsC6A8.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Apache Software Foundation
Description
Commons Daemon Service Runner
Version
1.1.0.0
Modules
Image
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
3276
CMD
"C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC793.tmp" "C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --StdOutput auto --StdError auto --JvmMs 128 --JvmMx 256
Path
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC793.tmp
Indicators
No indicators
Parent process
kkk.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Description
Version
Modules
Image
c:\users\admin\appdata\local\temp\nsc9bac.tmp\nsc793.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\apphelp.dll

PID
3772
CMD
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //US//Tomcat7 --StdOutput auto --StdError auto --JvmMs 128 --JvmMx 256
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
Indicators
No indicators
Parent process
nsC793.tmp
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Apache Software Foundation
Description
Commons Daemon Service Runner
Version
1.1.0.0
Modules
Image
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll

PID
4060
CMD
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe" //MR//Tomcat7
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe
Indicators
No indicators
Parent process
kkk.exe
User
admin
Integrity Level
HIGH
Version:
Company
Apache Software Foundation
Description
Commons Daemon Service Manager
Version
1.1.0.0
Modules
Image
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7w.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\logoncli.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\riched32.dll
c:\windows\system32\riched20.dll
c:\windows\system32\ole32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\cryptbase.dll

PID
1576
CMD
"C:\Windows\system32\NOTEPAD.EXE" C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\RELEASE-NOTES.txt
Path
C:\Windows\system32\NOTEPAD.EXE
Indicators
No indicators
Parent process
kkk.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Notepad
Version
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\windows\system32\notepad.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\uxtheme.dll

PID
3516
CMD
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //RS//Tomcat7
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
Indicators
No indicators
Parent process
––
User
SYSTEM
Integrity Level
SYSTEM
Version:
Company
Apache Software Foundation
Description
Commons Daemon Service Runner
Version
1.1.0.0
Modules
Image
c:\program files\apache software foundation\tomcat 7.0\bin\tomcat7.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\java\jre1.8.0_92\bin\client\jvm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\psapi.dll
c:\windows\system32\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\verify.dll
c:\program files\java\jre1.8.0_92\bin\java.dll
c:\program files\java\jre1.8.0_92\bin\zip.dll
c:\windows\system32\ole32.dll
c:\windows\system32\profapi.dll
c:\program files\java\jre1.8.0_92\bin\management.dll
c:\program files\java\jre1.8.0_92\bin\net.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\program files\java\jre1.8.0_92\bin\nio.dll
c:\program files\java\jre1.8.0_92\bin\sunec.dll
c:\program files\java\jre1.8.0_92\bin\sunmscapi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll

Registry activity

Total events
407
Read events
374
Write events
33
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
3864
kkk.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ApacheTomcatMonitor7.0_Tomcat7
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe" //MS//Tomcat7
3864
kkk.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Tomcat\7.0\Tomcat7
InstallPath
C:\Program Files\Apache Software Foundation\Tomcat 7.0
3864
kkk.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Tomcat\7.0\Tomcat7
Version
7.0.90
3864
kkk.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Apache Tomcat 7.0 Tomcat7
DisplayName
Apache Tomcat 7.0 Tomcat7 (remove only)
3864
kkk.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Apache Tomcat 7.0 Tomcat7
DisplayVersion
7.0.90
3864
kkk.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Apache Tomcat 7.0 Tomcat7
DisplayIcon
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\tomcat.ico"
3864
kkk.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Apache Tomcat 7.0 Tomcat7
Publisher
The Apache Software Foundation
3864
kkk.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Apache Tomcat 7.0 Tomcat7
UninstallString
"C:\Program Files\Apache Software Foundation\Tomcat 7.0\Uninstall.exe" -ServiceName="Tomcat7"
3864
kkk.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3864
kkk.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3556
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Java
Jvm
C:\Program Files\Java\jre1.8.0_92\bin\client\jvm.dll
3556
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Stop
WorkingPath
C:\Program Files\Apache Software Foundation\Tomcat 7.0
3556
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Start
WorkingPath
C:\Program Files\Apache Software Foundation\Tomcat 7.0
3556
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Log
Path
C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs
2652
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Java
Classpath
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\bootstrap.jar;C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\tomcat-juli.jar
2652
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Stop
Class
org.apache.catalina.startup.Bootstrap
2652
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Stop
Params
stop
2652
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Stop
Mode
jvm
2652
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Start
Class
org.apache.catalina.startup.Bootstrap
2652
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Start
Params
start
2652
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Start
Mode
jvm
3688
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Java
Options
-Dcatalina.home=C:\Program Files\Apache Software Foundation\Tomcat 7.0
2760
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Java
Options9
--add-opens=java.base/java.lang=ALL-UNNAMED
3772
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Java
JvmMs
128
3772
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Java
JvmMx
256
3772
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Log
StdError
auto
3772
Tomcat7.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Procrun 2.0\Tomcat7\Parameters\Log
StdOutput
auto
1576
NOTEPAD.EXE
write
HKEY_CURRENT_USER\Software\Microsoft\Notepad
iWindowPosX
22
1576
NOTEPAD.EXE
write
HKEY_CURRENT_USER\Software\Microsoft\Notepad
iWindowPosY
22
1576
NOTEPAD.EXE
write
HKEY_CURRENT_USER\Software\Microsoft\Notepad
iWindowPosDX
960
1576
NOTEPAD.EXE
write
HKEY_CURRENT_USER\Software\Microsoft\Notepad
iWindowPosDY
501

Files activity

Executable files
10
Suspicious files
23
Text files
190
Unknown types
9

Dropped files

PID
Process
Filename
Type
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\UserInfo.dll
executable
MD5: dada3e1836af78d5b24499da252d01e4
SHA256: 0073337816509851476c2cc154f471a3e3a1a2806b97c363870acc09a30a5ed7
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC4E0.tmp
executable
MD5: e2347a65b30ccc5b2c4230daaeefb897
SHA256: 79fd3041ab85e378839d2e3cf155fc91a2d541304d209f5d1d57ac7d791190ec
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
executable
MD5: 518aa04e7c0d1f9ceb41cd1830492c7e
SHA256: b5a53d3c6a544d1f8316375f301500e6910928e7a2d9afae84ad71af0fbad1f5
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsExec.dll
executable
MD5: 1f49d8af9be9e915d54b2441c4a79adf
SHA256: b22c8f676dec58be8d25fbad1a37835ffc4029f29aaf79f4dc0337ca73a38782
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe
executable
MD5: 2ca2b1f856f0a92441a88cdbbef6e149
SHA256: 2f4ef1d3e9d7d1f5ba305c102f81120f4bcecc4c48c4b58ce8fac3d2851c4038
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\System.dll
executable
MD5: b0c77267f13b2f87c084fd86ef51ccfc
SHA256: a0cac4cf4852895619bc7743ebeb89f9e4927ccdb9e66b1bcd92a4136d0f9c77
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsDialogs.dll
executable
MD5: eac1c3707970fe7c71b2d760c34763fa
SHA256: 062c75ad650548750564ffd7aef8cd553773b5c26cae7f25a5749b13165194e3
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\Uninstall.exe
executable
MD5: 3e1114ce2bb8c20134f9a2637bfb2b26
SHA256: ced0e3035cb27b1dfe13b4ec80c56e8b5eb3bc3d19dceb8622a2d05e83064029
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\src\mypackage\Hello.java
text
MD5: a2c1f06622db27d9da495e21f0528464
SHA256: 851472df506c83337784326b91c1e39d1dabed366487de985d7580b5eae1d0c8
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat Documentation.lnk
lnk
MD5: 521fe3320da7aa36e105d06be8f0e741
SHA256: 6f00797c5d3a330dc6be5c2f68211aaf2ada3653df335afa33cc2f51d216737c
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Welcome.lnk
lnk
MD5: f7603893f81c250122e45d72c17b6289
SHA256: 46e5e35a1fc8e0675f5109ef08a2d6b8e975ac7ccb6aacb45e78d3ee7bdcedcc
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat Home Page.lnk
lnk
MD5: dcbaecd8b5ca93d33a034de88d17f554
SHA256: c0c1741c40d9221779af1205cfb7f21d01e86faeb09dd7a47c5b6538b2d542aa
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat Manager.lnk
lnk
MD5: db11fab9316d6bbf726e64d07f63a136
SHA256: a486f660a748438f4d91d483a4000d38dbea089ce0b10fcec1b64dc39a0d3f15
3772
Tomcat7.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs\commons-daemon.2019-03-14.log
text
MD5: 53964739ba86447f161e1f8a6e98573a
SHA256: 1eb3b9576a961b45549321ae194201ad608e794b78b5aa58889f76343f5e7bd3
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC793.tmp
––
MD5:  ––
SHA256:  ––
2760
Tomcat7.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs\commons-daemon.2019-03-14.log
text
MD5: 12112d157b22779a2279965e86f4fa10
SHA256: 5b25c9fc2a835aad12ffcf5e067e6c58b1d93f2d5742ce20b9463d99642e83cc
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC6A8.tmp
––
MD5:  ––
SHA256:  ––
3688
Tomcat7.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs\commons-daemon.2019-03-14.log
text
MD5: 12112d157b22779a2279965e86f4fa10
SHA256: 5b25c9fc2a835aad12ffcf5e067e6c58b1d93f2d5742ce20b9463d99642e83cc
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC5CC.tmp
––
MD5:  ––
SHA256:  ––
2652
Tomcat7.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs\commons-daemon.2019-03-14.log
text
MD5: 8822ccd90169caca7346e338e76ccf80
SHA256: aab4987bf04ce993c1e9add65de96523cadf673812f8bd897fa563848af19563
3516
Tomcat7.exe
C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\83aa4cc77f591dfc2374580bbd95f6ba_90059c37-1320-41a4-b58d-2b75a9850d2f
dbf
MD5: c8366ae350e7019aefc9d1e6e6a498c6
SHA256: 11e6aca8e682c046c83b721eeb5c72c5ef03cb5936c60df6f4993511ddc61238
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\tomcat.gif
image
MD5: 4e41a821f4efec0737195ca34695a4d5
SHA256: dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\void.gif
image
MD5: 6d22e4f2d2057c6e8d6fab098e76e80f
SHA256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\update.gif
image
MD5: 3cad58ab869b04f6d0e8c4a24d2944aa
SHA256: 63b93e248018e9520b508c50c9f61fb190bb7ed7c057598111baf79d07c3ad14
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\fix.gif
image
MD5: b065215c007b83a52c75c174bda86611
SHA256: b56e19054224482be0aa7b444ab8324ed0b0c25e3abacbd87be29732356c9bb8
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs\service-install.log
text
MD5: 26c2edb7b9c5aceb9b2c89b54de5912f
SHA256: 54f7b2bb105580a7a57857f4773a82c1fc87a6ba369d8b4125f63b7304b51094
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\WEB-INF\jsp\sessionsList.jsp
xml
MD5: 73e3e54c3da345b05bc39745d00a21c9
SHA256: 76557156f9722722c64bfd51b23da4639b498c820fb1d4d01334f23630721c75
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\WEB-INF\jsp\403.jsp
html
MD5: f1276750f912cf887f5ef6d51ec77fb2
SHA256: 8e7fc7426f7268db95cc1b928d2f63fefe8de983664258f0e40c726f13bdd970
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\design.gif
image
MD5: cd802c4f7c2ad1a5824ddca21687bd27
SHA256: 0410d16b47d3901eee99d0090e19fdb28ab78e3fff49f571c5ece6cca5eaa4ca
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\WEB-INF\jsp\sessionDetail.jsp
xml
MD5: cad98f439bc274a2957bca368dc43233
SHA256: b71765120492ce68a3900eb494db469599ca4971657c7e9e05c8cd46b08d1ff5
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\docs.gif
image
MD5: 5137f5a90f2b128fd6031d4289ca3165
SHA256: 83e056ba73609403a3ef0ac82395a4fccae251ecef1878c569a3a5ee2f4e94f2
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\add.gif
image
MD5: dea87dfff707ca3724b5d23e37ac717d
SHA256: d52112c36fa422d381aec5ffb57c31912b60ca0e47b56634beaae1a4eb8c826f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\code.gif
image
MD5: e4ef0bb77622e815ebbb3cbc2ee037fb
SHA256: cac0dba2ac0d6abdb2d037f07499a84df7f9a949e5e76a4d89dd3913b96e3ec6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\WEB-INF\jsp\404.jsp
html
MD5: b5052839b0b9404001bb7c095e03a7c9
SHA256: a721cb195ac0b27060d6530594d8e6a43bdf47369f7c637b03563536c05c0c3c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\images\asf-logo.svg
image
MD5: 5f20cdec46561f7ce4da32019d5edfc0
SHA256: 186d3afbb52e49dc206d01926b64ee06b0ee786d8803cba94b0d7acb5c75c3c4
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\WEB-INF\jsp\401.jsp
html
MD5: 0b8b4522635b3c6cb3b84e6a3be8efe7
SHA256: 4e74ae6b9b91960a205b610df7688dd5bbb503647465470947c6e7716de35b57
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\WEB-INF\web.xml
xml
MD5: 76bde4641cef87a941204180c193bacc
SHA256: e5e84f988907af3a87bdb2c044c8c0fb3910c23fac8b3c2a7268ee77e9122e4d
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\META-INF\context.xml
xml
MD5: c86766013c4a8e0c1a6515437d4a5245
SHA256: 6495320599c21f8a26331a3da029f1b84ee79eab378d5c2f7641c912e9d96536
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\status.xsd
xml
MD5: c24e147ad56317ddce40a25917c0418b
SHA256: 22ef84582b2c4557c980e0c01913e12d1c93c8c9ee31a7a315704b438f0f4700
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\xform.xsl
xml
MD5: 792eb9b517f16ac08c1ab9afb36aa5f3
SHA256: 0e2b5510b289cdf2aa010f3ff86f7ed2401bc0826699d82c16e2ad0be2892574
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\websocketapi\index.html
html
MD5: ca69208811648cecdac62e91861483c5
SHA256: ca7d53a1b4b18889b956ff3a98acecb2e61240cff036523fa02589da3bb05bf6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\index.jsp
text
MD5: c34bf31766080bdb38a5e454e18fafe6
SHA256: 66e9d90d6513a1fe02f2b41c0bcb79c1236c580e60f444c5233528667a02ab18
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\status.html
html
MD5: cd4062bff7e41c478a39ec66ac657273
SHA256: f32880dce00689d155a0f18a895092a231a0fca882023f960b201b59cda4b950
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\membership.html
html
MD5: 858095cd4e368079bca5cb7129760942
SHA256: 6b473ac1a19c35abefe338c5607a5e7d9c1633bd91fada12671740805ed149e4
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\transport.html
html
MD5: 6a00e942fd648544e3bf08331f507e9b
SHA256: d09ebc76a3de12f762b50073e200fe2e8f063b85e57dc1a8bd5b4c45620499f0
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\introduction.html
html
MD5: 43f5d502921c05a01dc72f35dcd980a7
SHA256: 8adcc5b56a79ba9a7493c0c6a67e4a8e01de5bbdbda58fb268cac40ffcfd1afe
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\setup.html
html
MD5: c5ce6130441745acadd617cbba8592c8
SHA256: 0c05c3d7cc61fdb121b6046939b6f82602512c71760ad87b4981c885310b528f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\interceptors.html
html
MD5: b0887a9ae927b9f54aacb5aa1907fd25
SHA256: 6a9d7f5df8ccb335c16c9f5652e6cc5a047189547cc78915d81586583c88adac
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\developers.html
html
MD5: de6723b587a91e7d55867ce075e61ce4
SHA256: cddb4e281375cadc935914c84aec86c753de973db2ec1785399d052895e5290c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\tribes\faq.html
html
MD5: 73e52f5dcdaef6ab594fd3128340472e
SHA256: 24eb098b2685caecacf3024d1c05fa916eaca756a1814af94b121d93fac55cca
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\servletapi\index.html
html
MD5: 7005cb481111afc7006ac6a605de1878
SHA256: 798ad1070f8ea51763ad0ada634b48d35ee1f6c5c1011c5c016344d6ff59418c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\jspapi\index.html
html
MD5: f8840b430b0efd1c1430fdf2c768745f
SHA256: fe978c58475223b253adc81fd1450db52f64192f9889688ee254586b76d23fc7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\void.gif
image
MD5: 6d22e4f2d2057c6e8d6fab098e76e80f
SHA256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\tomcat.png
image
MD5: b1661b22c16b597596a005ab73068c0b
SHA256: 5d4dbfc82ee715a653291fb987dd565b6fc567ffee828d9e4c5f181c75eca0be
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\update.gif
image
MD5: 3cad58ab869b04f6d0e8c4a24d2944aa
SHA256: 63b93e248018e9520b508c50c9f61fb190bb7ed7c057598111baf79d07c3ad14
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\tomcat.svg
image
MD5: df83f9a63d88f4dff833bb662c6fabf0
SHA256: 69d3ad6a08012880461bff365e5e94f6b57f7a8cc3abe96fbe15ccf9233798be
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\tomcat.gif
image
MD5: 4e41a821f4efec0737195ca34695a4d5
SHA256: dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\fix.gif
image
MD5: b065215c007b83a52c75c174bda86611
SHA256: b56e19054224482be0aa7b444ab8324ed0b0c25e3abacbd87be29732356c9bb8
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\design.gif
image
MD5: cd802c4f7c2ad1a5824ddca21687bd27
SHA256: 0410d16b47d3901eee99d0090e19fdb28ab78e3fff49f571c5ece6cca5eaa4ca
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\docs.gif
image
MD5: 5137f5a90f2b128fd6031d4289ca3165
SHA256: 83e056ba73609403a3ef0ac82395a4fccae251ecef1878c569a3a5ee2f4e94f2
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\cors-flowchart.png
image
MD5: c9a580ba1d073c9c923a04356cbe35c7
SHA256: 91568f1581537f57b4e62863524bd1511017e7f252f23ac6c125160c39b14a2a
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\printer.gif
image
MD5: 675e23538f0198be29919b1df763d516
SHA256: e3aaa2cb9c451791e47550904c4a3426f15c3629ee5f516410a616b0a1ba6160
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\asf-logo.svg
image
MD5: 5f20cdec46561f7ce4da32019d5edfc0
SHA256: 186d3afbb52e49dc206d01926b64ee06b0ee786d8803cba94b0d7acb5c75c3c4
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\code.gif
image
MD5: e4ef0bb77622e815ebbb3cbc2ee037fb
SHA256: cac0dba2ac0d6abdb2d037f07499a84df7f9a949e5e76a4d89dd3913b96e3ec6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\fs-admin-opers.html
html
MD5: 5f2b14be07b965acdce91fc01992f0f9
SHA256: 565a99d504abb10abce9661671e68ab044b120a225d7ee0f892154275a060d50
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\fs-memory-realm.html
html
MD5: e2ea3ecdfcf618708d59d7b5259a3175
SHA256: c3d77945ddf375c86cd6f9d78a34b2f3557ee908c54b77ce21db91f23db11b8b
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\mbean-names.html
html
MD5: 4924b2e91772fd3ed45ca3f44ee6df55
SHA256: ed09c0cbb599324808a9ed6b7867154d6689b67a0ec0969771d378895b2957ec
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\fs-jdbc-realm.html
html
MD5: b87c5dbc0f62f48920cceb7144ba4cae
SHA256: 4365720cf22eac49db2c0986a9378ae13173d7b3d1f9f22b67443122b7bb5fbd
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\index.html
html
MD5: 7a403d444f8c1bf0158b8c4b1a998e9f
SHA256: 14987640833ff8bcdbd73aa5ecabb266eebf2f855d46cf995f1662b7daac7a70
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\fs-default.html
html
MD5: 7911d18d63ad7e67cfb4bad3414f965d
SHA256: cfc86a2215bdcd3b681582819e14da3cdc7399b432ef98432e686ef16b74e684
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\fs-jndi-realm.html
html
MD5: b4d1493badb6b8c2d326c1ef3f423927
SHA256: 817fe8f2738541ce5d1e2ba0ade3c5ee27334008043967a6c7014e3e933e040e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\images\add.gif
image
MD5: dea87dfff707ca3724b5d23e37ac717d
SHA256: d52112c36fa422d381aec5ffb57c31912b60ca0e47b56634beaae1a4eb8c826f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\fs-admin-objects.html
html
MD5: 117ac80d94d8b29e1593718ee126ae06
SHA256: 17ba45527877556e1fdfafd496aa85a97423d6047cdec005756567886ece9948
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\elapi\index.html
html
MD5: c67d137ca870caa3044f319e6219fe82
SHA256: 17b0b9a465c6f6e04cd5d0e55f3c2f35d0e78733914254037f025e7b97a9180a
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\funcspecs\fs-admin-apps.html
html
MD5: e17de8c4bc913becff8eaed77f92543f
SHA256: e04401499c9f62e07a7e7b7fae047436992f2f379d5b32f13cb3b9c5bab51112
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\service.html
html
MD5: fcecd465d28a6c1fb5c00ec64dd6a1e3
SHA256: 80eb6b2b7fe3d945837631fc7b87888c5d12f9675f3d6592c86dcd8cd52d480d
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\server.html
html
MD5: d238ef2d0829be88ac0f1a6a5fe5e042
SHA256: b1f4443acee9f548e793d9557df86daa247765b8077db65d448e1e442cbe7711
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\systemprops.html
html
MD5: f231cd2ac40ab398c3bd6c17af6159dc
SHA256: 2882642ec5910c1d16bdf28000f3b4db013b26b6cbb1a398efe20e386f0ba69e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\valve.html
html
MD5: 5d6ea28eba600f4a12ed9828513fa369
SHA256: ad451f1c61c5759649ef5c74bea8a461f2fcbe693a1d95e173bed4032249a784
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\sessionidgenerator.html
html
MD5: 9666a0a96369454164523cda01a3fe63
SHA256: ab6c5651ef3b446b54e2b74dc6fc110d4949342a2c112ce3e60bac33229d01d3
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\resources.html
html
MD5: b284db7f91f203665162690cab64ad14
SHA256: dda95cb939988645e3543e7d0ef870893085f2be98eabf492595f1ffc6c10abc
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\listeners.html
html
MD5: 271e718153cb3bf375d0bf3e574e2e12
SHA256: 454073c1a058b832483504db23d3fce54f6f47826c4037e8aef31e7575b2c63c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\manager.html
html
MD5: 73edf533ee438034d6a47a8e478bfe92
SHA256: 2798a3e2169c43a54139807fe70d227aafd3357738ab5e3af83e59cf630c2de7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\realm.html
html
MD5: 91b969fb471874900552c04735e5252c
SHA256: b21afeec1014f4a2c0b0c3c2aac237e654d4db4b5325f3de553656dfa55d9fdf
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\loader.html
html
MD5: 8ed88f1852b1d36fe74b831bb8ef0f92
SHA256: 297a757c6b6541383b4e2bcf5c0a01e485c30295ea2665b11958b19206d326e3
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\globalresources.html
html
MD5: 3329e5e5686d8c3291859c125f4c8eb0
SHA256: 8942ab4e1d5b1ec5b7cec559bff3b22a6376a113b2f3ced0152bb3b87b8aba49
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\jar-scanner.html
html
MD5: 3cb39466d161d4236e7e17fe97be537a
SHA256: 4c534927f83371a006d923822a28f293090d66576da043cdb014c6fde9f48c7d
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\http.html
html
MD5: 7e40d12d686724bf3929f6fa239df99a
SHA256: 4bf83710eedaba000c0460d0ffc5e51f29308c7f43a6cd2ddcd3d8b695a86df5
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\host.html
html
MD5: 57b24ca1ef67c203bc753a287646f897
SHA256: af0a3e7409893eea45d9d872c47fdc1a0dc2902760b780a53881d373c4dfeab6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\index.html
html
MD5: 521383d1a38de67497b29baeae61e211
SHA256: f73909dd643e84891029eb428ecc6e56d3bf56ef3f4cb7c29cfa162b2d2b2750
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster.html
html
MD5: db66bb5fe4edb67559680cc33e45bb80
SHA256: 383da441171dfee05192b8b294700b528ec83227111a90358177315043db6f6c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\filter.html
html
MD5: 21025c0edba23f992bb578a06e69e2ea
SHA256: 3892b4c1f79e806b9ebd99965f66b71c90b422a3429b7d943d37c71ec2acfc69
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\executor.html
html
MD5: 4db04c715c728b228a85075a4859ca7a
SHA256: f9258025239b2e17d8740c0f48d4389d09c4b4c5d720c56abf858b694e4f79f7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\context.html
html
MD5: 47f196463044d28f43ccb20d87423cb0
SHA256: 49abfecfaaae5f0de2be9d7c6e4492ff155cf3522abab93d868d2fb3c84c0c60
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\engine.html
html
MD5: ae21d93dc6b69e001219966650191d8b
SHA256: 595194e982d87c6577906cb1ba30b878fc7e1bda52678720396efdad66837db6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-deployer.html
html
MD5: 85e46c108aee62601dcbe25fcc2dc659
SHA256: e859963e93e5dc52d1e5fcf8f7003e8f3985e2acfd205e40ff328f9456d5b781
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-interceptor.html
html
MD5: 97c56a6c60be375fa57891796d0268be
SHA256: eadeda8444f09aff0166f37fa8d36d0dddd04be7a1e83ba1e96f3f0730e2927f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-manager.html
html
MD5: d16bf8266613ec39bc621e7a154611eb
SHA256: 67de581d8f41dcb09df100bed9e89dfb1d667b6bf6d361af412a28e49c742eec
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-membership.html
html
MD5: f32ceff324a080b683fc11586aeb0811
SHA256: 9482b51ea3ba237c561c99e5883385c19af83b17617e0b2108ff4083ceb57500
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-sender.html
html
MD5: 85976e8453f3a258fbaae93190ddecfc
SHA256: 0887ddce44f8282f4360fd77dbb50256f0ca248bf202a357e66c6c9724e3642f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-valve.html
html
MD5: f07ec3a939a0a2433852af02584832ae
SHA256: 14eb42c2a39c67bf35ae59740da6f2364f3ef35ae772551824e68674d796d54b
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-receiver.html
html
MD5: 7d263a6b55661886e62491a23e73e5e7
SHA256: 1b6960a21a37fbf3ad86ba4e674645327f63d12f04435e8b15de26ab233d288a
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-listener.html
html
MD5: 0cb556a43e005192fb52a00ba6825f5b
SHA256: c411bd0dc9170ff819e41c92299b05101747b314128039143c043a73952a392e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\automatic-deployment.html
html
MD5: 188d634c659e94ee5c93fb3f90eb646e
SHA256: 8685ca534873c0667a61e0c513d5bbe135d6e7766c5b2185d7d3ee4b56e61042
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\cluster-channel.html
html
MD5: 70dddcb03ae094c2e0fa205dab83a53c
SHA256: 85bbd88501ca496ac2216442858785cee4e13081f23f58a88317825a8a3a05ef
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\config\ajp.html
html
MD5: 48012179dfb03e58b55bdeb8f1ccb94e
SHA256: 6af233bc59f89f8611c0d50944c554a5e571e2a6bdc0e228da252789575f8da2
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\startup\serverStartup.pdf
pdf
MD5: f50ececf48039e0631c6b88fd3e6bbca
SHA256: ba2f4c6806ed4a3e2ca487b25b66d6cdb3f7869a9c724950c2c8a8b9ed1e2b03
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\startup\serverStartup.txt
text
MD5: 6b60d860752ab00b6a574d673fa6d7dd
SHA256: 935f7e7af719725ccefb6133ef9037508fc9a56cadfebd88c44dfcc4e3350db2
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\requestProcess\request-process.png
image
MD5: 1581393f3ca4bac439779caa1a85ca10
SHA256: a1f77a86b92cc872ba86a4ac538720debe5a075f56cf6ede6a52c1b1ec91b741
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\requestProcess\authentication-process.png
image
MD5: 7d8500c5f92ba792006187e93e9f4879
SHA256: db692e24785f79099a558d554c83ca452afbf731dbe3f1d8d8e3d9a6136cf571
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\web\WEB-INF\web.xml
xml
MD5: 66d3950806cc498432ec4d20ca28f3bb
SHA256: 82a0826fe3b10955ec381c8f06d21ddb65d20a46ae43abbb59ff9c419757011b
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\web\images\tomcat.gif
image
MD5: 4e41a821f4efec0737195ca34695a4d5
SHA256: dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\overview.html
html
MD5: 4e6981c6727171d9eb99a4c9ee203b3b
SHA256: d393943fa7d8e64913d0865c66495aaa36f81ef0948b9358c6790b2f8289436f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\requestProcess.html
html
MD5: fe224c77c351a8a5ed72242bf7a25d28
SHA256: 7c0cabc82eb5f43845109ab65e4c58e950be499de28f56dea3d4bcbfefa1b8fc
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\index.html
html
MD5: 6a362c0190937fce2c5a635cd4499162
SHA256: a198577d636537563fe82a857a8dae5c7fbf05743247a927ecc2eb1109bd9738
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\architecture\startup.html
html
MD5: b3cb1f5fee9b1ec94dc91ca4813242e0
SHA256: ffa1a56b9fb2e85f8ed9db27626df69637c7d35dd45918f366d2ccb84755afbc
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\web\index.html
html
MD5: b04c62ac092fd98bcf82bb5e0704bd9a
SHA256: 08afc7fbac0fc8afd54f2c121e4ea9544c3f566cff0dec3a1d15c71d70cf85ae
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\web\hello.jsp
html
MD5: 4012337fe4d5ee264c342a78a009e66a
SHA256: c13ba44492cce85b14b3c27a3725c266adb1097319133c2b6812b88a8f772d05
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\sample.war
java
MD5: 570f196c4a1025a717269d16d11d6f37
SHA256: 89b33caa5bf4cfd235f060c396cb1a5acb2734a1366db325676f48c5f5ed92e5
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\modern-header.bmp
image
MD5: 46f339aa9b187e4b5736dea11883aeb6
SHA256: 82f819b9281f6a7799a3a000f03555b52e6af990e2d9b2f68a5a82045681951a
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\docs\README.txt
text
MD5: 571b3bfd3e1d54c44404083033be5681
SHA256: 36f383adc6b9ef8cdab413442a99fac0606a4d32b9db676322c6eb429f9f4844
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\processes.html
html
MD5: 2c87145227cf33c7a4ae90cce30e81f6
SHA256: a0a2f93c36729b4c7be7ccbc63a883c1bbf7ae6244187e123920749ab4d26836
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\installation.html
html
MD5: c2f05ba99da8324a3181f66e3ecaad9a
SHA256: 01c8e99cb86ac6a138eec9fed2dfb8f38ffdd83d236a348600ab76be431da61e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\source.html
html
MD5: 92e14a81bbd8fdbb42c419c16da1a530
SHA256: 5e7df540a7139e7d5a1f83516059fee31bf0b20bcc45acfdeec074781ff606fa
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\introduction.html
html
MD5: 670f830f6b35efcb074fab1771a6baf9
SHA256: f15f09b3d812c72c0bfc4b79ebbb26b204bd0e369a1eec2e000b0deb4c1fec09
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\web.xml.txt
xml
MD5: a739f2cc5faface8b0eff5c1d67e59e2
SHA256: 0ce6d745a08ee27884e1f87ef54a4a1b511e8e82b9c7c57ed6bf61345f680e9c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\build.xml
text
MD5: 58a2285e539b8688162a9d3ff823a33f
SHA256: 6f7f25151598be01e6cc2f3309343dd77487419b5963cf363e0e8de4ed556942
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\sample\index.html
html
MD5: 5c86cfb5cd68158f850b214d7d68fe2c
SHA256: 5e571cfaaafe73e7d3be5f43b54b8e2da631550941546236e32124b4d45e1ef6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\index.html
html
MD5: d5edd87a47cd292ecee8d13040301cd4
SHA256: 3b683b2a61a3533a34248f35f8de6b383aff9938bd37fca1a3fd9e1efa62211f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\deployment.html
html
MD5: d85ad18cc0d4d58ec55f2a828136ac82
SHA256: b882973d80968d3cd1479f1a1b3693c56bf532669158c10fdb7c98df434f46e6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\api\index.html
html
MD5: 2af509181cd2002148bb9b78f332c963
SHA256: 597d8839fe83b4b7dfddd41d47afbfdf770e8b542680c8d10f253a8374335aa3
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\appdev\build.xml.txt
text
MD5: 58a2285e539b8688162a9d3ff823a33f
SHA256: 6f7f25151598be01e6cc2f3309343dd77487419b5963cf363e0e8de4ed556942
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\web-socket-howto.html
html
MD5: 84409b874ddb3de8f8603e3ed090f2ab
SHA256: a4a308e0b19a1a91fe3096a12404a9cc0e2dbbe7a9258a4f9fcc7ee0beb6179e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\windows-service-howto.html
html
MD5: 79951921eb604d342a956ae260eb27e7
SHA256: 170b25aaba15a170bec13c1bb1e2f75ce7e771f4d416ea4700f0e6ba59c05e78
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\ssl-howto.html
html
MD5: 85c985b8778ac63a8cc1edb0e01bd9a3
SHA256: ca5882d66cbc7a94d37dfc5d7385c16ff2d9dc5eddc2814070e73fa7b0cbfabb
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\virtual-hosting-howto.html
html
MD5: c6bff10e1701b9cad223322ba252b2e6
SHA256: d2f1dafd201a92ab125f622b585329bd35ed825eb7ca9fe79dd5c70399c38162
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\windows-auth-howto.html
html
MD5: 8b214ddf2ae0d6aacdbe28e33c926ed7
SHA256: 00cc041b0de57f21ead4b4629f5e6683c059a1398fb56239315e1a2f7f98b688
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\WEB-INF\web.xml
xml
MD5: 2e79d3f54d02750026fe37661cc3fd4e
SHA256: 0b093ce2f15265e7ff4ca6acccca8b96df780c1c12ec43343b3ae7296c6fa104
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\ssi-howto.html
html
MD5: faff34a8307840f47c639cd009fe3717
SHA256: 0b2325e140ae199cbb0a7fe75819d416320185333e68375a973743db4f3debf5
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\realm-howto.html
html
MD5: 9d79bcf0bb6a007da439d55fbd71cb84
SHA256: 39f191b4ba6286b675a6f72884c6484855610d35c837ee5623d00a0c785f4524
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\security-howto.html
html
MD5: 222a9f17742813ca2cadd97a612cad2c
SHA256: 65e56df858589f04a9a55ec0f447fdfde73ebe142ac2ae5a6d3b51f8aed05450
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\setup.html
html
MD5: 700a6cb447aee9b2ff5be09ae5d7adf0
SHA256: 042a449344f3dc0830469d53461a92e597f8d9a0fd0cb52e9e0327ef73e0cf21
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\security-manager-howto.html
html
MD5: 3feb76f53e6bbfe104baf87b3375cb4c
SHA256: 0eea92ce1af883f9f1d309b99853c18019a56862dd094823d9dc5cc8c4225d62
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\proxy-howto.html
html
MD5: 5387d3db649aa3772afb4327a616f967
SHA256: a97d9899e1fc5b88ba21ae79ca04d601b69a17f8bdfe1bf54a10ccfc1a4554cf
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\mbeans-descriptors.dtd
xml
MD5: 2f81a75941f82b27176e1237aeb0bf30
SHA256: 2ab0f5c6d33208d85b2e4b25bb73a90eaa36b43ff8e9ac9e7eea8b48edd62d88
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\manager-howto.html
html
MD5: 1f756755b736ebd147a23241734dea3a
SHA256: cd1e7f649884f8cf50d20fcad1dee8a54a69af5ffaaba7e5beb892b05382512c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\mbeans-descriptors-howto.html
html
MD5: 02a526eba68d75864a6a38ded945fccd
SHA256: ae950e870bc6071ec1a9a94e8c0fcfc4bc54fb52b5354ebd551bf7a3b2ff4068
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\monitoring.html
html
MD5: bce67ba82474bda6e07c0e473abb1bb1
SHA256: 5519cb2f53293f39f2b46e3d3c261ba0853d4992a82a9dbaf6abeeb0e76a4d5d
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\maven-jars.html
html
MD5: a790263ec8d483f6591a79c4b79bb646
SHA256: 23083bd4b7318e1084108d19f7e5fda315cd83877da0f71f8739ebb34cbe2f98
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\jndi-datasource-examples-howto.html
html
MD5: 19255ffa20999cbe1248dc04bb55b92d
SHA256: e4d469286b59fcc2a44e6e6430c1c80fbfa87c4dd48395ce2d6e7f9c3d8dc441
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\logging.html
html
MD5: 51cf8ec4751623deea8d6a92890e6a97
SHA256: 7d291a3660855c5c498bdd581443746c9e70040e838b66ba3497f4da3ba7038e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\jdbc-pool.html
html
MD5: d823d94b3454e26c6142a34084665e68
SHA256: 595e176fad05d34872f71a2e0e0b747216292602a6542f8916d222f1b1a363db
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\jndi-resources-howto.html
html
MD5: 5cbf587ff0f772c4536a386703ac71d4
SHA256: eafbe78ec634d812da21e66694b4ffdd00d98b6feb88eb96ded7a1e69a9bfed6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\jasper-howto.html
html
MD5: 8c927e4c3c7a97f8d87f9244be7b9fde
SHA256: cb1d628ffd5be2f19348cfc270073e967218a1d298244a546259a96bbf51b782
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\host-manager-howto.html
html
MD5: 8c03bf43a1e9c0eb25d0fa126415fe57
SHA256: 2a14e55bec44f43f5ea3c605277c6aaada3642ba86ec374690da26bb940bfa95
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\introduction.html
html
MD5: 605be2e4b8a5df63f989664ca4b99fe9
SHA256: b085385110fb5918fbe722d72d24bb4b2c9a876a784e1ce5a38e234fb012c4b0
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\index.html
html
MD5: 03309c52ff4e4715e3a892d34a9229fd
SHA256: 4c2eccbd205d31698ef029a873e3ca1b4a8269b7a9f31036dc2d3a13f70deb62
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\html-manager-howto.html
html
MD5: e3893cacc1b745c6c8238d3202df59c8
SHA256: c8dca995dc7b58304295fbd973ce7543c4434da8f41f8eb75fb51ee5442dd76c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\html-host-manager-howto.html
html
MD5: 40e4984f97515d9c96aa17fd4f078710
SHA256: a657783854391def3a1d9e1d991cb60b76a91ef9d7937254608905ba7588cd93
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\deployer-howto.html
html
MD5: ccac1152d7bde948187da3b9c911932f
SHA256: 35500e3b5497ef4d19c22b513d7e881a7c9b09221ac2e22b0da6082a0c172a1c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\developers.html
html
MD5: 48797916ad06a44a8596e5c1d33efe97
SHA256: 2d4361fb7b100e3350ffb9ffb92e5034f2c720f3c44205cba281ef704ce9fee4
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\cluster-howto.html
html
MD5: 4551f188425d16d500e20700342628f3
SHA256: 6bd8230932ec048131d3c1bc40555710b9e377d2448b82d3629a3917aa3d4460
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\extras.html
html
MD5: dc796781d743f91409ce2407165a476f
SHA256: b488cd4afd2eddac024e2dc7ad9ac1ac7b4f7359a722fde51e2d3a8efa5daea4
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\comments.html
html
MD5: 132e0110f8aef47f486c9ecc49e79e02
SHA256: dba16d66609ed7bb99c3e97eb87e4a0f540414c107e1a6dae4f52d2156e18e24
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\connectors.html
html
MD5: 600bbd48246f45dc88a886060c0cad9d
SHA256: cd8d6300e4e02fbd129c04852cec3616353b388acc1cd590e27a1a5b4f6e064e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\class-loader-howto.html
text
MD5: 53f405a899e0b47ff7c1a127ffee6439
SHA256: 92ff8b0d5b44751899e50ab32591c3442a8271577fcff41349033cfbdfbab670
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\default-servlet.html
html
MD5: 240ebf8fe2ac43190dceae85fc439a64
SHA256: a4d427dcb7d534f9045f7b385a3ab5801ba2345bdb8c7bab08af5f9c431c9e05
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\changelog.html
html
MD5: 3973b72a4204feb5f7401a9120f2286e
SHA256: ad9a28ccd7e9cc6159baad089f306bd2c1fbede7f898d307fc780941b5efde54
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\building.html
html
MD5: 93c08d92dfbe814a3b7267f9a62797c0
SHA256: f8b8c918944945ed31f762c315c5f26d7888073913aa0d29bf36097e88726dd1
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\cgi-howto.html
html
MD5: 009ec6f9eb2338ee5da33b0e67996d8a
SHA256: b78790f7ca2e5480f56d532df8537cc32fc51120db9d6d9540f14466ebe40c95
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\RUNNING.txt
text
MD5: c1e11238e462570fd291f494f1da0d3c
SHA256: c93bce881d2a70deab69b8bc81a766367f9fbc340cc545e1ea3e12df10073d4e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\aio.html
html
MD5: c40e93498ef6876e2793f61549ced347
SHA256: 0d15770a5fe3fbfb25c640b3e84c5768e51ffbf7bcef255af4d0cffa2d2d479f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\apr.html
html
MD5: 398507c9d7f6ee88902c7d46f0a71636
SHA256: 4949743a1c53e4b880381e616ac2885898ad4dd1ad58cbb1ec9da9ca581600b7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\balancer-howto.html
html
MD5: 3011bf52545c286e3a9d6d57a78938c2
SHA256: ac84d763f6f2e909c7a2f0f70b3813530317d367ac1eb163d7dcc550519ee4d6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\RELEASE-NOTES.txt
text
MD5: f41b6f213108c24572b361c21af8dad8
SHA256: 8a4ea42eeb7ee50dba2fb3aa81954dbac97426e95d287a5852f9b635d4c7a980
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\docs\BUILDING.txt
text
MD5: f90ea93f667cb3b5539d0de1361b0f21
SHA256: af86e9398f9daf1a3bacc0fb0f3e4d07ef95105e7ecc9139a5e2eecb2a4d5250
3556
Tomcat7.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\logs\commons-daemon.2019-03-14.log
text
MD5: 556ccb28dc9596dbf21235af0dc92978
SHA256: 9c9fed3b1180cc5f22a147f90d23101e353090a18c1211482445ecfd19c26d0f
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\nsC01D.tmp
––
MD5:  ––
SHA256:  ––
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsm9B9B.tmp
––
MD5:  ––
SHA256:  ––
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Monitor Tomcat.lnk
lnk
MD5: 1c62820cec18b2ae3bb026a27ca46914
SHA256: 60dce319114370cf60c562b8a38f58cd21a092f6955a62038eb967393e7a3fb0
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat 7.0 Program Directory.lnk
lnk
MD5: 2c61dc888db03f09fe3c6044cff7f8c1
SHA256: 30444f7a010b4b3f7d89f28dd407e9feca99d1e40843de4cc98b9410a48975f3
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\tomcat-users.xml
xml
MD5: bdacef274266c4e9387474b5c3a13f90
SHA256: 0471e6ffa5e0687ca0a3caaa8d747ef6cbb057a4de0e8c89d38c7b4c53da7d93
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\server.xml
xml
MD5: 404c9c35288baa497ac9f21690f5decb
SHA256: 271c8238c269a9120c590d47c9157036f732b70a869ff12b123778af74c5f6e2
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\tomcat-users_2.xml
––
MD5:  ––
SHA256:  ––
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\tomcat-users_1.xml
––
MD5:  ––
SHA256:  ––
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\server.xml.new
––
MD5:  ––
SHA256:  ––
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\tomcat.svg
image
MD5: df83f9a63d88f4dff833bb662c6fabf0
SHA256: 69d3ad6a08012880461bff365e5e94f6b57f7a8cc3abe96fbe15ccf9233798be
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\WEB-INF\web.xml
xml
MD5: 1d29c30be0dcb737733f3651207b5007
SHA256: 43deb5859cb738da14da504c3c985f20221007951b2d83144e4862f0a851ecad
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\tomcat.png
image
MD5: b1661b22c16b597596a005ab73068c0b
SHA256: 5d4dbfc82ee715a653291fb987dd565b6fc567ffee828d9e4c5f181c75eca0be
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\tomcat.gif
image
MD5: 4e41a821f4efec0737195ca34695a4d5
SHA256: dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d6
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\tomcat.css
text
MD5: efbafd7f3b08955243f458d51d93dacb
SHA256: 023798d96a5aabe50ec803667c59465a34f801d7e961d22b8a75f002650053f7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\favicon.ico
image
MD5: 4644f2d45601037b8423d45e13194c93
SHA256: 64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\bg-nav.png
image
MD5: 7b761b2689b869d6de79aec52a94141a
SHA256: a66793441ab6918ff3abedf7dc5d7f3af1c88160b759afc6801d4083146a9d3c
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\bg-button.png
image
MD5: 743c4028bcf5223910a5f3bb45b6bf64
SHA256: 3c1c7209f4149919826cde2002db38e65edaab67c512ea43f5c89ff25229321f
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\bg-nav-item.png
image
MD5: 6f00b9d3316cd72ca8209f5e832c9f00
SHA256: 51de7432659f09229daf729e4055ca0c7e72db93545debb9dc499a3068f35d29
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\tomcat-power.gif
image
MD5: 0873f58239f849263efa53f2a007e7d0
SHA256: d046f4224929eaedffcd6e4f26c154a24758224667c6fbdf746f27a41c605bc4
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\bg-upper.png
image
MD5: 695c7fb0408de1cd066b81c5513671f6
SHA256: d55804555b409577a64e159c0b248e94d8dec4ce6814382daf5938f2b3671c30
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\bg-middle.png
image
MD5: 86723de8efaed1ed3b12236128b3198b
SHA256: 48f4b63166452d3ea35d9678ec95b75e8c38d6eb2ad59456b1b3445c36a4b1fd
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\index.jsp
html
MD5: a4b78d604d43c6f49e8b81920cacc69d
SHA256: c3e16f577dad9a4db22e2d60d3e5d52f86cb31f643f8bc330ef3032dfd09632a
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\logging.properties
text
MD5: ea6f4318d75aacd49f8d02140e5720ef
SHA256: 831238050470b70e780020312393b0125e4587dc5266478f71c27e3af2b1501e
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\web.xml
xml
MD5: 44ea2fe49051a9fc1988f4a27b39f8e4
SHA256: 861ce3db15f9079325aad0bfeb99b27fee2f8036e1b7a78ec44fab91d294a4de
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\RELEASE-NOTES.txt
text
MD5: f41b6f213108c24572b361c21af8dad8
SHA256: 8a4ea42eeb7ee50dba2fb3aa81954dbac97426e95d287a5852f9b635d4c7a980
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\tomcat-users.xml
xml
MD5: 08a55b84473aa08e6d1928e52354e21f
SHA256: 1ae3e006efbca9d9fad90db7d9d931b6aa08c7ca289740af7cee9155b9966c50
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\ROOT\asf-logo-wide.svg
image
MD5: 9beb75476dbce98a4494f2e39764b9e5
SHA256: 72cc7a62bec113e29ccfc7d9043859b17d210172302e2a5772d5a6031f427cd0
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\catalina.policy
text
MD5: 48eb4fcce21d08195d0640bf2119fbdd
SHA256: cd3671719d7488ced4366e3e11e0dc15c13eb13ae73422ececf4bdb150bb68d5
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\catalina.properties
text
MD5: a377e7c0a0ab6c9cba04ca2ded07cb5f
SHA256: 4ff765985618446014c69bb06c604fc4869ba5fb0529e0e4865e722fc473fa17
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\bootstrap.jar
compressed
MD5: b5a435a033f870682e3cca4c7d0c52eb
SHA256: d04e217ea5c7bb9b4b00aa19b85732d139af1a7d0734b13c4a800e3eec70b3a7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf\context.xml
xml
MD5: aead2ac859e3a7a0663b9ce9a823d4d3
SHA256: af5704c27ea560586eb9b961f5b23951be1822c299934b78c87b734c35477935
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\tomcat-juli.jar
compressed
MD5: 2661cd49e1b64f57d70da63dbff29c5a
SHA256: 6399449abaf7eedf9135062c46144c1865aaf8301ae3080bcb34803a587e38f7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\websocket-api.jar
compressed
MD5: 0fb9296d57d9540e0b1d3cff1c96742d
SHA256: 31839cda4436d9f4dd7bdabb5f3cced0e9dc0db18427c0889714e7381a98efe1
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat7-websocket.jar
compressed
MD5: 30cbadf189398f0c81bf1a651582a539
SHA256: d4f66fedabfe88c6ea25e9360fce35ab29f120652d5ac2afdf2c1889dbfcac34
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-util.jar
compressed
MD5: d5526cbf3ec0e2d89485c6380641d12d
SHA256: a3b8a5c7bd33adf6b1317f895b429a8930e3620e5493b3fc7804237b5648b7aa
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-jdbc.jar
java
MD5: 7d545169027535a2bb9ed8e0705c51be
SHA256: 20c767c3da7741c9436c751c1d8db596fdff238bb0319b0b982df70492365e44
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-i18n-ja.jar
compressed
MD5: 236d32108b37589300b3932031706302
SHA256: cb7051d8993ba503fc7f4c38bacffeb18459ca6a852ec3cfc8977ce6226b6d49
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-i18n-fr.jar
compressed
MD5: 0517fba80abfd727c8879f12bb0aa0a5
SHA256: 2b14426a314ab80fb070ac3344afb4968844447cc5e5591910e7554738090478
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-i18n-es.jar
compressed
MD5: d180e423f4e94922bd0b7db39be2a244
SHA256: b1654f5b3f4e1fa3c0b20e6d303c920397c284b03da81528c52fa62598e2b8a0
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-dbcp.jar
compressed
MD5: 6cbc6c38264243b89e2676d0ffa96c98
SHA256: 76e18743f8fe7ac4b908c818b19987578adcdca17f39d9faeb5856c442fc5394
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-coyote.jar
compressed
MD5: b24b9bbd942a64c186171d9f317ca60a
SHA256: a9108b5427f5556fafc6cecca001af363b2272713f98b0cd536c899c5b72e640
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\tomcat-api.jar
compressed
MD5: 715d2384375bfabebdb74e228a600c08
SHA256: 4bf18629cb88d1e816891e121e998662a12a94abbf5c2f343640f245675d1033
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\servlet-api.jar
compressed
MD5: 84dc775a9515a5e32fefee0726e17eb3
SHA256: 304583347b2b526bc756a4314d014484cff828491a77ac135a8df451bde55aa5
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\jsp-api.jar
compressed
MD5: 1803a6ee33e9249ed27eef90ba4772d8
SHA256: 794b2d15eb93471c8444860803187aab52e402b5dd97414e5babe99221ca55d7
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\jasper.jar
compressed
MD5: 9b5bbd94fe9eb9c6bf7030957232f12f
SHA256: c95f29e0178e57b007b2b79f5924a2717797c28ce0d48f3530a06b134eff4804
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\jasper-el.jar
compressed
MD5: b56633789bf5223b5f4527e315cc4f12
SHA256: 1e10ef319739cfb46979f26e96572c347f0342706589e376cf107c0481e4eb03
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\ecj-4.4.2.jar
compressed
MD5: ee97ab38f390547839b950bb51bf5cb5
SHA256: 2d6ee21554bbba012b6b0383be6e6587fa35370104e41c10a3eb47039fa3e6d1
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\el-api.jar
compressed
MD5: dd436e0562dcdad12490ad4078645ae1
SHA256: 6bd8e2d49b912e351bd4f1e1229a6dff71b4a7de9eeabd71bc1d9fbdf486e220
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\catalina.jar
compressed
MD5: 550f29d3d0f09f0327252956c8585507
SHA256: 5350f358546dd9fa2f7b4a2d097eb56a9a757da101750c590a034aa0588c85c9
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\catalina-tribes.jar
compressed
MD5: 1efd071efb45c6bf2498b69eeacfac66
SHA256: 9a063aff0320784920b49bda1339517bc90b9ac3334788db616bb6c7a66a83e5
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\catalina-ha.jar
compressed
MD5: 9dd51b7cee5f81c9cd34ea6627e3b102
SHA256: c4372aff7fcd9b01e4da279285a98fdc5d32a85e0bf4be10e127c6c3870614f3
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\catalina-ant.jar
compressed
MD5: bde6fe7621f19c79a5d5ca7ff02a6e0c
SHA256: 81732f361f6d66cd15c8c30be3095f977fcc04451cb21003a8b6ba9ffb1dbb4d
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\RELEASE-NOTES
text
MD5: f41b6f213108c24572b361c21af8dad8
SHA256: 8a4ea42eeb7ee50dba2fb3aa81954dbac97426e95d287a5852f9b635d4c7a980
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\LICENSE
text
MD5: 77cdeaa98def0e01e61a53d09bfde75d
SHA256: 235d08270681f90e9151773d197d7ebaf52e99d95d1f4630328ef1d70ef8c3a4
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\lib\annotations-api.jar
compressed
MD5: e5d17edaed010b15a58cc4f04853046f
SHA256: 4b7f62717e76c866bc66332a4788fc070a21a669c060cc9ddd4b3a6b58496921
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\NOTICE
text
MD5: 7c690a783eb0fbd1a31ef9ebd8479597
SHA256: 95b54c6460a90a612cb4e4b8c4aa2ff0b14156f72a4713dddd7da6810bccd078
3864
kkk.exe
C:\Program Files\Apache Software Foundation\Tomcat 7.0\tomcat.ico
image
MD5: 4644f2d45601037b8423d45e13194c93
SHA256: 64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Configure Tomcat.lnk
lnk
MD5: 99767e83f155c174d17879973af9a070
SHA256: aa19e4304b44e085b73836cb23a6b186aee5fb029c59cdc5f64a69e9f443351d
3864
kkk.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Uninstall Tomcat 7.0.lnk
lnk
MD5: 1278c9bbe6fd2e542d423e41e4d879f1
SHA256: 3a85dbb83df7341923fcd1122f9f4149806c42957871bd1c45e5a0f6a003a455
3864
kkk.exe
C:\Users\admin\AppData\Local\Temp\nsc9BAC.tmp\modern-wizard.bmp
image
MD5: 4f7c3fd818ea30571d84fd9d217a60c5
SHA256: dd41483287b5a50deb16fc587fc5654d25f6b5e1680cf400b21cabe86d925f67
3516
Tomcat7.exe
C:\Windows\system32\config\systemprofile\.oracle_jre_usage\90737d32e3abaa4.timestamp
text
MD5: b231027ad8c35b5ff5701c9d4316e9b6
SHA256: 8f0b84cfdf3b7e79e84a2e82476c7723da3d28dc49702c30bcfbced1624d507c

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

No network activity.

Debug output strings

No debug info.