Automated Malware Analysis Management Report for wps_wid.cid-735916525.1730301987.exe

Overview

General Information

Sample name:	wps_wid.cid-735916525.1730301987.exe
Analysis ID:	1545519
MD5:	8d76bb0011099f752d1df93ad3f697f2
SHA1:	467d3da8b2fa7ff0d2958d30c3345c109647e09d
SHA256:	d19fe85036be98b74fff67bb43864b51c0e774085daac2fa09a3182acf08e772
Tags:	exeuser-Fuzzy
Infos:

Detection

Score:	26
Range:	0 - 100
Whitelisted:	false
Confidence:	0%

Compliance

Score:	34
Range:	0 - 100

Signatures

Contains functionality to infect the boot sector

Drops large PE files

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

AV process strings found (often used to terminate AV products)

Binary contains a suspicious time stamp

Contains functionality to call native functions

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)

Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)

Contains functionality to communicate with device drivers

Contains functionality to dynamically determine API calls

Contains functionality to query CPU information (cpuid)

Contains functionality to query locales information (e.g. system language)

Contains functionality to read the PEB

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Detected potential crypto function

Drops PE files

Drops certificate files (DER)

EXE planting / hijacking vulnerabilities found

Enables debug privileges

Extensive use of GetProcAddress (often used to hide API calls)

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

Found evasive API chain (date check)

Found large amount of non-executed APIs

Found potential string decryption / allocating functions

May sleep (evasive loops) to hinder dynamic analysis

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

PE file contains executable resources (Code or Archives)

PE file contains sections with non-standard names

PE file does not import any functions

Queries disk information (often used to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Uses 32bit PE files

Uses Microsoft's Enhanced Cryptographic Provider

Uses code obfuscation techniques (call, push, ret)

Uses the system / local time for branch decision (may execute only at specific dates)

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Signatures

Cryptography

Uses Microsoft's Enhanced Cryptographic Provider

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009CA920 CryptQueryObject,CryptMsgGetParam,CryptMsgGetParam,CertFindCertificateInStore,CertGetNameStringW,CertGetNameStringW,CertGetNameStringW,CertFreeCRLContext,CertCloseStore,CryptMsgClose,CertGetNameStringW,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,PathFileExistsW,GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,RegCloseKey,	5_2_009CA920
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00C0F0D0 ?replace@QString@kso_qt@@QAEAAV12@ABV12@0W4CaseSensitivity@Qt@2@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?isOverseasVersion@product@krt@@YA_NXZ,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,??4QString@kso_qt@@QAEAAV01@$$QAV01@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??YQString@kso_qt@@QAEAAV01@PBD@Z,??0QUrl@kso_qt@@QAE@ABVQString@1@W4ParsingMode@01@@Z,??0QNetworkRequest@kso_qt@@QAE@ABVQUrl@1@@Z,??1QUrl@kso_qt@@QAE@XZ,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,??0QByteArray@kso_qt@@QAE@PBDH@Z,?setRawHeader@QNetworkRequest@kso_qt@@QAEXABVQByteArray@2@0@Z,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,??0QByteArray@kso_qt@@QAE@PBDH@Z,?setRawHeader@QNetworkRequest@kso_qt@@QAEXABVQByteArray@2@0@Z,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,??0QLocale@kso_qt@@QAE@W4Language@01@W4Country@01@@Z,?currentDateTimeUtc@QDateTime@kso_qt@@SA?AV12@XZ,?toString@QLocale@kso_qt@@QBE?AVQString@2@ABVQDateTime@2@ABV32@@Z,??1QDateTime@kso_qt@@QAE@XZ,??0QChar@kso_qt@@QAE@UQLatin1Char@1@@Z,?arg@QString@kso_qt@@QBE?AV12@ABV12@HVQChar@2@@Z,??1QString@kso_qt@@QAE@XZ,??1QLocale@kso_qt@@QAE@XZ,?hash@QCryptographicHash@kso_qt@@SA?AVQByteArray@2@ABV32@W4Algorithm@12@@Z,?toHex@QByteArray@kso_qt@@QBE?AV12@XZ,?toBase64@QByteArray@kso_qt@@QBE?AV12@XZ,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??0QByteArray@kso_qt@@QAE@PBDH@Z,??0QByteArray@kso_qt@@QAE@PBDH@Z,?setRawHeader@QNetworkRequest@kso_qt@@QAEXABVQByteArray@2@0@Z,??1QByteArray@kso_qt@@QAE@XZ,??0QByteArray@kso_qt@@QAE@PBDH@Z,?setRawHeader@QNetworkRequest@kso_qt@@QAEXABVQByteArray@2@0@Z,??1QByteArray@kso_qt@@QAE@XZ,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,??0QByteArray@kso_qt@@QAE@PBDH@Z,?setRawHeader@QNetworkRequest@kso_qt@@QAEXABVQByteArray@2@0@Z,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,?sslConfiguration@QNetworkRequest@kso_qt@@QBE?AVQSslConfiguration@2@XZ,?setPeerVerifyMode@QSslConfiguration@kso_qt@@QAEXW4PeerVerifyMode@QSslSocket@2@@Z,?setSslConfiguration@QNetworkRequest@kso_qt@@QAEXABVQSslConfiguration@2@@Z,??1QSslConfiguration@kso_qt@@QAE@XZ,?post@QNetworkAccessManager@kso_qt@@QAEPAVQNetworkReply@2@ABVQNetworkRequest@2@ABVQByteArray@2@@Z,??0QEventLoop@kso_qt@@QAE@PAVQObject@1@@Z,??0QTimer@kso_qt@@QAE@PAVQObject@1@@Z,?quit@QEventLoop@kso_qt@@QAEXXZ,?finished@QNetworkReply@kso_qt@@QAEXXZ,?staticMetaObject@QNetworkReply@kso_qt@@2UQMetaObject@2@B,?connectImpl@QObject@kso_qt@@CA?AVConnection@QMetaObject@2@PBV12@PAPAX01PAVQSlotObjectBase@QtPrivate@2@W4ConnectionType@Qt@2@PBHPBU42@@Z,??1Connection@QMetaObject@kso_qt@@QAE@XZ,??1Connection@QMetaObject@kso_qt@@QAE@XZ,??1Connection@QMetaObject@kso_qt@@QAE@XZ,??1Connection@QMetaObject@kso_qt@@QAE@XZ,?timeout@QTimer@kso_qt@@QAEXUQPrivateSignal@12@@Z,?staticMetaObje	7_2_00C0F0D0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00C0EB50 ?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??0QString@kso_qt@@QAE@ABVQByteArray@1@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?shared_null@QListData@kso_qt@@2UData@12@B,?realloc@QListData@kso_qt@@QAEXH@Z,?shared_null@QListData@kso_qt@@2UData@12@B,?begin@QListData@kso_qt@@QBEPAPAXXZ,?end@QListData@kso_qt@@QBEPAPAXXZ,?toLower@QString@kso_qt@@QGBE?AV12@XZ,??1QString@kso_qt@@QAE@XZ,?cbegin@QByteArray@kso_qt@@QBEPBDXZ,?QStringList_join@QtPrivate@kso_qt@@YA?AVQString@2@PBVQStringList@2@PBVQChar@2@H@Z,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,?hash@QMessageAuthenticationCode@kso_qt@@SA?AVQByteArray@2@ABV32@0W4Algorithm@QCryptographicHash@2@@Z,?toHex@QByteArray@kso_qt@@QBE?AV12@XZ,?toBase64@QByteArray@kso_qt@@QBE?AV12@XZ,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,??0QChar@kso_qt@@QAE@UQLatin1Char@1@@Z,?arg@QString@kso_qt@@QBE?AV12@ABV12@HVQChar@2@@Z,?arg@QString@kso_qt@@QBE?AV12@ABV12@HVQChar@2@@Z,?fromUtf8@QString@kso_qt@@SA?AV12@ABVQByteArray@2@@Z,??0QChar@kso_qt@@QAE@UQLatin1Char@1@@Z,?arg@QString@kso_qt@@QBE?AV12@ABV12@HVQChar@2@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,	7_2_00C0EB50
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BA3B70 ??0QVariant@kso_qt@@QAE@ABV?$QMap@VQString@kso_qt@@VQVariant@2@@1@@Z,?fromVariant@QJsonDocument@kso_qt@@SA?AV12@ABVQVariant@2@@Z,??1QVariant@kso_qt@@QAE@XZ,?freeTree@QMapDataBase@kso_qt@@QAEXPAUQMapNodeBase@2@H@Z,?freeData@QMapDataBase@kso_qt@@SAXPAU12@@Z,?toJson@QJsonDocument@kso_qt@@QBE?AVQByteArray@2@W4JsonFormat@12@@Z,??0QString@kso_qt@@QAE@ABVQByteArray@1@@Z,??1QByteArray@kso_qt@@QAE@XZ,??0QUrl@kso_qt@@QAE@XZ,??0QNetworkRequest@kso_qt@@QAE@ABVQUrl@1@@Z,??1QUrl@kso_qt@@QAE@XZ,??1QUrl@kso_qt@@QAE@XZ,??0QUrl@kso_qt@@QAE@ABVQString@1@W4ParsingMode@01@@Z,?setUrl@QNetworkRequest@kso_qt@@QAEXABVQUrl@2@@Z,??1QUrl@kso_qt@@QAE@XZ,??0QByteArray@kso_qt@@QAE@PBDH@Z,??0QByteArray@kso_qt@@QAE@PBDH@Z,??0QByteArray@kso_qt@@QAE@PBDH@Z,?setRawHeader@QNetworkRequest@kso_qt@@QAEXABVQByteArray@2@0@Z,??1QByteArray@kso_qt@@QAE@XZ,??1QByteArray@kso_qt@@QAE@XZ,??0QString@kso_qt@@QAE@XZ,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,?aesEncrypt@KAesEncrypt@@SA_NABVQByteArray@kso_qt@@00AAVQString@3@@Z,??1QByteArray@kso_qt@@QAE@XZ,?toUtf8@QString@kso_qt@@QHAE?AVQByteArray@2@XZ,?post@QNetworkAccessManager@kso_qt@@QAEPAVQNetworkReply@2@ABVQNetworkRequest@2@ABVQByteArray@2@@Z,??1QByteArray@kso_qt@@QAE@XZ,?connect@QObject@kso_qt@@SA?AVConnection@QMetaObject@2@PBV12@PBD01W4ConnectionType@Qt@2@@Z,??1Connection@QMetaObject@kso_qt@@QAE@XZ,?start@QTime@kso_qt@@QAEXXZ,?shared_null@QHashData@kso_qt@@2U12@B,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,?free_helper@QHashData@kso_qt@@QAEXP6AXPAUNode@12@@Z@Z,??1QString@kso_qt@@QAE@XZ,??1QNetworkRequest@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QJsonArray@kso_qt@@QAE@XZ,	7_2_00BA3B70

Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp

Binary or memory string: -----BEGIN PUBLIC KEY-----

memstr_a9ababca-9

Privilege Escalation

EXE planting / hijacking vulnerabilities found

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

EXE: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Jump to behavior

Compliance

EXE planting / hijacking vulnerabilities found

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

EXE: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Jump to behavior

Uses 32bit PE files

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kingsoft Office

Jump to behavior

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

File created: C:\Users\user\AppData\Roaming\kingsoft\office6\log\setup\wpssetup.log

Jump to behavior

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: certificate valid

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: D:\a\_work\1\s\\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3767362095.00000000157B6000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\printsupport\windowsprintersupport.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\printsupport\windowsprintersupport.pdb## source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\platforms\qwindows.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014251000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\addons\yunkitapi\yunkitapi.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\imageformats\qsvg.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4126160918.000000006B153000.00000002.00000001.01000000.00000017.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\iconusers\qsvgicon.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: ?COMCTL32.dllWINHTTP.dllcompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -FS -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAESNI_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASMLoad file into cachecrypto\x509\by_file.cunspecified certificate verification errorunable to get issuer certificateunable to get certificate CRLunable to decrypt certificate's signatureunable to decrypt CRL's signatureunable to decode issuer public keycertificate signature failureCRL signature failurecertificate is not yet validcertificate has expiredCRL is not yet validCRL has expiredformat error in certificate's notBefore fieldformat error in certificate's notAfter fieldformat error in CRL's lastUpdate fieldformat error in CRL's nextUpdate fieldout of memoryself signed certificateself signed certificate in certificate chainunable to get local issuer certificateunable to verify the first certificatecertificate chain too longcertificate revokedinvalid CA certificatepath length constraint exceededunsupported certificate purposecertificate not trustedcertificate rejectedsubject issuer mismatchauthority and subject key identifier mismatchauthority and issuer serial number mismatchkey usage does not include certificate signingunable to get CRL issuer certificateunhandled critical extensionkey usage does not include CRL signingunhandled critical CRL extensioninvalid non-CA certificate (has CA markings)proxy path length constraint exceededkey usage does not include digital signatureproxy certificates not allowed, please set the appropriate flaginvalid or inconsistent certificate extensioninvalid or inconsistent certificate policy extensionno explicit policyDifferent CRL scopeUnsupported extension featureRFC 3779 resource not subset of parent's resourcespermitted subtree violationexcluded subtree violationname constraints minimum and maximum not supportedapplication verification failureunsupported name constraint typeunsupported or invalid name constraint syntaxunsupported or invalid name syntaxCRL path validation errorPath LoopSuite B: certificate version invalidSuite B: invalid public key algorithmSuite B: invalid ECC curveSuite B: invalid signature algorithmSuite B: curve not allowed for this LOSSuite B: cannot sign P-384 with P-256Hostname mismatchEmail address mismatchIP address mismatchNo matching DANE TLSA recordsEE certificate key too weakCA certificate key too weakCA signature digest algorithm too weakInvalid certificate verification contextIssuer certificate lookup errorCertificate Transparency required, but no valid SCTs foundproxy subject name violationOCSP verification neededOCSP verification failedOCSP unknown certCertificate public key has explicit ECC parametersunknown certificate verification errorcrypto\asn1\x_info.ccrypto\pem\pem_info.cRSA P
Source:	Binary string: ucrtbase.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\rc_v12_i18n_202409_branch\Build\Release\WPSOffice\office6\addons\konlinesetup_xa\konlinesetup_xa.pdb source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\styles\qwindowsvistastyle.pdb%% source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\wpsuil.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\platforms\qdirect2d.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000013241000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\wpsupdate_res.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: ucrtbase.pdbUGP source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\a\_work\1\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdbGCTL source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\styles\qwindowsvistastyle.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: compiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -FS -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAESNI_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\wpsofficeicon.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\a\_work\1\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp

Spreading

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A0C1A0 PathAddBackslashW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,SHGetSpecialFolderPathW,	5_2_00A0C1A0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A1C140 PathAddBackslashW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,	5_2_00A1C140
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009D42F0 FindFirstFileW,PathFileExistsW,lstrcmpW,lstrcmpW,lstrcmpW,lstrcmpW,GetLastError,FindClose,CopyFileW,lstrcmpW,FindNextFileW,	5_2_009D42F0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A34270 SHGetSpecialFolderPathW,CoInitialize,CoCreateInstance,FindFirstFileW,FindNextFileW,FindNextFileW,StrStrIW,StrStrIW,FindNextFileW,FindClose,CoUninitialize,	5_2_00A34270
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009CB6E0 FindFirstFileW,FindNextFileW,FindNextFileW,FindClose,	5_2_009CB6E0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009EFBA0 RegCloseKey,FindFirstFileW,MoveFileExW,MoveFileExW,FindNextFileW,FindClose,MoveFileExW,Concurrency::cancel_current_task,MoveFileExW,MoveFileExW,	5_2_009EFBA0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A37D60 RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey,RegCloseKey,SHGetSpecialFolderPathW,SHGetSpecialFolderPathW,SHGetSpecialFolderPathW,FindFirstFileW,FindNextFileW,FindClose,GetLastError,	5_2_00A37D60
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009EC0D0 FindFirstFileW,FindNextFileW,FindClose,CopyFileW,RegOpenKeyExW,RegSetValueExW,RegCloseKey,	5_2_009EC0D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00990160 FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpW,FindClose,GetLastError,GetLastError,RemoveDirectoryW,MoveFileExW,GetLastError,FindClose,GetSystemDirectoryW,SetFileAttributesW,DeleteFileW,MoveFileExW,SetFileAttributesW,DeleteFileW,GetTickCount,MoveFileExW,MoveFileExW,lstrcmpW,FindNextFileW,__Init_thread_footer,	5_2_00990160
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A004A0 PathAddBackslashW,FindFirstFileW,FindNextFileW,FindClose,	5_2_00A004A0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A5E890 SHGetSpecialFolderPathW,SHGetSpecialFolderPathW,CoInitialize,CoCreateInstance,FindFirstFileW,StrStrIW,StrStrIW,StrStrIW,StrStrIW,StrStrIW,StrStrIW,DeleteFileW,FindNextFileW,FindClose,CoUninitialize,	5_2_00A5E890
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009D5150 FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpW,FindNextFileW,FindClose,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose,	5_2_009D5150
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A3F6B0 PathFileExistsW,GetFileAttributesW,FindFirstFileW,FindNextFileW,FindClose,WritePrivateProfileStringW,WritePrivateProfileStringW,WritePrivateProfileStringW,WritePrivateProfileStringW,	5_2_00A3F6B0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_0098B710 FindFirstFileW,FindNextFileW,FindClose,	5_2_0098B710
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009C98F0 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,	5_2_009C98F0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A3D8D0 FindFirstFileW,GetLastError,PathFileExistsW,CopyFileW,FindNextFileW,FindClose,PathFileExistsW,CopyFileW,GetLastError,GetLastError,	5_2_00A3D8D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A39BC0 PathFileExistsW,FindFirstFileW,lstrcmpW,lstrcmpW,CopyFileW,FindNextFileW,FindClose,	5_2_00A39BC0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A33EE0 FindNextFileW,StrStrIW,StrStrIW,CopyFileW,GetSystemDirectoryW,SHGetSpecialFolderPathW,CoInitialize,CoCreateInstance,FindFirstFileW,FindNextFileW,FindNextFileW,StrStrIW,StrStrIW,FindNextFileW,FindClose,CoUninitialize,	5_2_00A33EE0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009C9F70 FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpW,lstrcmpW,FindNextFileW,DeleteFileW,FindClose,	5_2_009C9F70
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A924B0 memset,memset,GetVersionExW,wcscat_s,memset,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,??1QString@kso_qt@@QAE@XZ,?utf16@QString@kso_qt@@QBEPBGXZ,FindFirstFileW,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,?utf16@QString@kso_qt@@QBEPBGXZ,??1QString@kso_qt@@QAE@XZ,FindNextFileW,FindClose,??1QString@kso_qt@@QAE@XZ,	7_2_00A924B0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A89420 memset,wcsncpy,wcsncat,memset,FindFirstFileW,FindNextFileW,FindNextFileW,FindClose,	7_2_00A89420
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9D6A0 ?shared_null@QListData@kso_qt@@2UData@12@B,memset,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?fromUtf8@QString@kso_qt@@SA?AV12@PBDH@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,?toNativeSeparators@QDir@kso_qt@@SA?AVQString@2@ABV32@@Z,??1QString@kso_qt@@QAE@XZ,?utf16@QString@kso_qt@@QBEPBGXZ,FindFirstFileW,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?fromUtf8@QString@kso_qt@@SA?AV12@PBDH@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,FindNextFileW,?shared_null@QListData@kso_qt@@2UData@12@B,?shared_null@QListData@kso_qt@@2UData@12@B,FindClose,??1QString@kso_qt@@QAE@XZ,	7_2_00A9D6A0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9A95C ??0QString@kso_qt@@QAE@PBD@Z,??1QString@kso_qt@@QAE@XZ,memmove,memset,wcscpy_s,_invalid_parameter_noinfo_noreturn,memset,memset,memset,GetVersionExW,memset,FindFirstFileW,??0QString@kso_qt@@QAE@XZ,?isOverseasVersion@product@krt@@YA_NXZ,??4QString@kso_qt@@QAEAAV01@PBD@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??1QString@kso_qt@@QAE@XZ,DeleteFileW,FindNextFileW,??1QString@kso_qt@@QAE@XZ,FindClose,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,	7_2_00A9A95C
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9BA70 FindClose,Sleep,memset,FindFirstFileW,FindClose,Sleep,	7_2_00A9BA70
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A92A40 ?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,?shared_null@QListData@kso_qt@@2UData@12@B,?isEmpty@QListData@kso_qt@@QBE_NXZ,?toNativeSeparators@QDir@kso_qt@@SA?AVQString@2@ABV32@@Z,??0QChar@kso_qt@@QAE@H@Z,?endsWith@QString@kso_qt@@QBE_NVQChar@2@W4CaseSensitivity@Qt@2@@Z,??YQString@kso_qt@@QAEAAV01@PBD@Z,?utf16@QString@kso_qt@@QBEPBGXZ,FindFirstFileW,FindNextFileW,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,?fromWCharArray@QString@kso_qt@@SA?AV12@PB_WH@Z,?QStringList_contains@QtPrivate@kso_qt@@YA_NPBVQStringList@2@ABVQString@2@W4CaseSensitivity@Qt@2@@Z,??1QString@kso_qt@@QAE@XZ,FindNextFileW,FindClose,??1QString@kso_qt@@QAE@XZ,	7_2_00A92A40
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00B07DB0 FindFirstFileW,_wcsnicmp,FindNextFileW,FindClose,_invalid_parameter_noinfo_noreturn,	7_2_00B07DB0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A97E40 memset,FindFirstFileW,DeleteFileW,FindNextFileW,memmove,FindClose,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,?isSupportRibbonScale@product@krt@@YA_NXZ,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,??1QString@kso_qt@@QAE@XZ,?shared_null@QHashData@kso_qt@@2U12@B,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,??0QChar@kso_qt@@QAE@UQLatin1Char@1@@Z,?arg@QString@kso_qt@@QBE?AV12@ABV12@HVQChar@2@@Z,?utf16@QString@kso_qt@@QBEPBGXZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,?shared_null@QHashData@kso_qt@@2U12@B,	7_2_00A97E40
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8DE50 memset,FindFirstFileW,memset,memset,_wcsicmp,memset,memset,_wcsnicmp,FindNextFileW,FindClose,	7_2_00A8DE50

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_009F75A0 GetTempPathW,PathAddBackslashW,GetLogicalDriveStringsW,GetDriveTypeW,GetDriveTypeW,GetDriveTypeW,GetDriveTypeW,PathAddBackslashW,GetTickCount,

5_2_009F75A0

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\kappcustomwidget\static\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\kappcustomwidget\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\kappcustomwidget\static\css\	Jump to behavior

Networking

Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://120.131.9.220
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://120.131.9.220$
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3773294724.000000001558E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp, ksomisc.exe, 00000007.00000003.3795276373.00000000009E3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp, ksomisc.exe, 00000007.00000003.3795276373.00000000009E3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3773294724.000000001558E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp, ksomisc.exe, 00000007.00000003.3795276373.00000000009E3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp, ksomisc.exe, 00000007.00000003.3795276373.00000000009E3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://dw-collect-debug.ksord.com)datesign_eventslocal
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://dw-online.ksosoft.com/api/dynamicParam/v3/app/2.9.0dcsdk_eventv3.dbdcsdk_dpv3.data10C
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://en.ksupdate.com/errorreport/uphttps://en.ksupdate.com/errorreport/up-crashdmp
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://event.4wps.nethttps://event.wps.comcountryCodeFinishTaghttps://www.google-analytics.com/mp/co
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://ic.wps.cn/wpsv6internet/infos.ads?v=D1S1E1&d=kdcsdk_infoc/wps/client/appcountrycodelastupdate
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.di
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp, ksomisc.exe, 00000007.00000003.3795276373.00000000009E3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0A
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3773294724.000000001558E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp, ksomisc.exe, 00000007.00000003.3795276373.00000000009E3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0C
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0X
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3790893433.0000000001550000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://up.wps.kingsoft.com/wpsupdate2009
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036B2000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wu005.kuaikuai.cn/wpsupdate
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036B2000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wu005.kuaikuai.cn/wpsupdateoad
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000015005000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766343833.0000000001543000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.digicert.com/CPS0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: https://account.wps.cn/healthy
Source: ksomisc.exe	String found in binary or memory: https://api.wps.com/pc/special/api/user/remove-data
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxSoftware
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://conf.psvr.wps.cn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4121012144.0000000014EE6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:51:0
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036B2000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:51:0
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: https://curl.se/docs/alt-svc.html
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: https://curl.se/docs/alt-svc.html#
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: https://curl.se/docs/hsts.html
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: https://curl.se/docs/hsts.html#
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: https://curl.se/docs/http-cookies.html
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: https://curl.se/docs/http-cookies.html#
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://deviceapi.wps.cn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://deviceapi.wps.cnclient_type=%1
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036B2000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://en.ksupdate.com/errorreport/up
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://event.wps.comdynamicParamFinishTagt1_app_start_p_st_sv_app_gid_did_hdid3_aid_ut_rid_av_ch_db
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://http_.index.inicert_detailis_cached_fileverify_cert_failedKOnlineSetupImpl::__generateCacheF
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://params.wps.com/api/map/online_params/webparam_mig/onlineParamByFunc?funcName=
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://params.wps.com/api/map/online_params/webparam_mig/onlineParamByFunc?funcName=&version=&chann
Source: ksomisc.exe	String found in binary or memory: https://phapi.wps.cn/api/v2/handle/setting
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4121012144.0000000014EE6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://qing.wps.cn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4121012144.0000000014EE6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://qing.wps.cne_id_type
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://qr.wps.cn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://qr.wps.cn/api/v3/channel
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://s%1.vip.wpscdn.cn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://s%1.vip.wpscdn.cnTTransportException:
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://s.wps.comshortLinkUrlshortlink/short-link/queryshort_link_code=geterr_signAuthorizationdevic
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://sharefolder.wps.cn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://sharefolder.wps.cn/api/v1/space/notify/ownerspace_owner_id
Source: ksomisc.exe	String found in binary or memory: https://switch.pcfg.cache.wpscdn.cn/wps_cdn_config/hashcalcswitch
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://wdl1.pcfg.cache.wpscdn.com/wpsdl/wpsoffice/onlinesetup/distsrc/.execrashdmppidtidexp1IS_WPSO
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://wdl1.pcfg.cache.wpscdn.com/wpsdl/wpsoffice/onlinesetup/package/SOFTWARE
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://website-prod.cache.wpscdn.com/pkgs/win/setup_XA_mui_Free.exeSOFTWARE
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://wpsplus.com
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://wpsplus.com/3rd/drive/api/v3/mine/team/link/%1with_corp_name=%1
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000014FDE000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766195637.0000000014FE6000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036DB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google-analytics.com/
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3772969203.0000000014FDE000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3766195637.0000000014FE6000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4121012144.0000000014FE7000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google-analytics.com/-(Gn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036DB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google-analytics.com/Th
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036DB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google-analytics.com/mp/collect?firebase_app_id=1:463244832315:android:fe82dee1e0f73e232
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.google-analytics.com/mp/collecthttps://http:///Iphlpapi.dllGetNetworkParamsinternal_proc
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4121012144.0000000014EE6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google-analytics.com:443/mp/collect?firebase_app_id=1:463244832315:android:fe82dee1e0f73
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4121012144.0000000014EE6000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4122341949.0000000015581000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.wps.com
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.wps.com/eula
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.wps.com/eulaprivacy_policylicense_agreementlabelTitleMsg_Wps_OnlineSetup_TaskMsgMsg_Wps_
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.wps.com/privacy-policy
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036B2000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.wps.com8

E-Banking Fraud

Drops certificate files (DER)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\tmp\PDF\Security\Trustworthy\watl.bin

Jump to dropped file

System Summary

Drops large PE files

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

File dump: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe.0.dr 252569368

Jump to dropped file

Contains functionality to call native functions

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E64110 GetFileInformationByHandle,GetLastError,NtCreateSection,GetCurrentProcess,NtMapViewOfSection,NtClose,	7_2_64E64110
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E643B0 GetFileInformationByHandle,GetLastError,GetCurrentProcess,NtAllocateVirtualMemory,GetCurrentProcess,NtFreeVirtualMemory,GetCurrentProcess,NtUnmapViewOfSection,NtClose,GetCurrentProcess,GetCurrentProcess,NtAllocateVirtualMemory,NtCreateSection,GetCurrentProcess,NtFreeVirtualMemory,GetCurrentProcess,NtMapViewOfSection,NtClose,GetCurrentProcess,GetCurrentProcess,NtFreeVirtualMemory,	7_2_64E643B0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E64330 NtClose,GetCurrentProcess,NtUnmapViewOfSection,GetOverlappedResult,GetLastError,	7_2_64E64330
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E64E10 InitializeCriticalSection,NtQuerySystemInformation,GetSystemTimeAsFileTime,Sleep,GetSystemTimeAsFileTime,	7_2_64E64E10

Contains functionality to communicate with device drivers

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe

Code function: 7_2_64E0B3F0: memset,GetSystemDirectoryW,GetLastError,__acrt_iob_func,_fprintf,CreateFileW,GetLastError,__acrt_iob_func,_fprintf,DeviceIoControl,GetLastError,__acrt_iob_func,_fprintf,CloseHandle,CloseHandle,CreateFileA,DeviceIoControl,DeviceIoControl,memset,DeviceIoControl,strncpy_s,strncpy_s,strncpy_s,memset,CloseHandle,CloseHandle,

7_2_64E0B3F0

Detected potential crypto function

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A14280	5_2_00A14280
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A483A0	5_2_00A483A0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009FA6E0	5_2_009FA6E0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009CA920	5_2_009CA920
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00948C50	5_2_00948C50
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009DEFB0	5_2_009DEFB0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A5DD50	5_2_00A5DD50
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A2BF90	5_2_00A2BF90
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009F2080	5_2_009F2080
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009EC0D0	5_2_009EC0D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009BA110	5_2_009BA110
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C922AD	5_2_00C922AD
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A46230	5_2_00A46230
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00AB2200	5_2_00AB2200
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C3A3A0	5_2_00C3A3A0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A4A350	5_2_00A4A350
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C924DF	5_2_00C924DF
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C064F0	5_2_00C064F0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C86490	5_2_00C86490
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A60690	5_2_00A60690
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C2C680	5_2_00C2C680
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C14600	5_2_00C14600
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C40840	5_2_00C40840
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00BEA930	5_2_00BEA930
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00CBA918	5_2_00CBA918
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A38AB0	5_2_00A38AB0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00ABCA40	5_2_00ABCA40
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00CBAA38	5_2_00CBAA38
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A3CBB0	5_2_00A3CBB0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00BECBD0	5_2_00BECBD0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C40C40	5_2_00C40C40
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A5F080	5_2_00A5F080
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009810D0	5_2_009810D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00BF10D0	5_2_00BF10D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009BF000	5_2_009BF000
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00CB91F2	5_2_00CB91F2
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00BEB140	5_2_00BEB140
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009BB230	5_2_009BB230
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C893C6	5_2_00C893C6
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00985490	5_2_00985490
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A914D0	5_2_00A914D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009D5450	5_2_009D5450
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A2B580	5_2_00A2B580
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_0099B5B0	5_2_0099B5B0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009F95A0	5_2_009F95A0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A01530	5_2_00A01530
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00ABD660	5_2_00ABD660
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00987780	5_2_00987780
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00983730	5_2_00983730
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A63770	5_2_00A63770
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C9D720	5_2_00C9D720
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_0099D890	5_2_0099D890
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A978D0	5_2_00A978D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A63820	5_2_00A63820
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009BB850	5_2_009BB850
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00BE7840	5_2_00BE7840
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_0099B9C0	5_2_0099B9C0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C2D910	5_2_00C2D910
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A09AE0	5_2_00A09AE0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009D7A20	5_2_009D7A20
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009BFB00	5_2_009BFB00
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C2DB70	5_2_00C2DB70
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A61B60	5_2_00A61B60
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A89CB0	5_2_00A89CB0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_0099DC60	5_2_0099DC60
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009A3D10	5_2_009A3D10
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00CABEC0	5_2_00CABEC0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009D5FB0	5_2_009D5FB0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009ADF00	5_2_009ADF00
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C2BF60	5_2_00C2BF60
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1725C0	5_2_6B1725C0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B16D34E	5_2_6B16D34E
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B172200	5_2_6B172200
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B16E2BC	5_2_6B16E2BC
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B171970	5_2_6B171970
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B161810	5_2_6B161810
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B169610	5_2_6B169610
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B173570	5_2_6B173570
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1ECB30	5_2_6B1ECB30
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1D3B90	5_2_6B1D3B90
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1A4B80	5_2_6B1A4B80
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1BABF0	5_2_6B1BABF0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1A93E0	5_2_6B1A93E0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1CC220	5_2_6B1CC220
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1B3260	5_2_6B1B3260
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1EC2B0	5_2_6B1EC2B0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B19D940	5_2_6B19D940
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1D6140	5_2_6B1D6140
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1CC9A0	5_2_6B1CC9A0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BD5130	7_2_00BD5130
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BD00F0	7_2_00BD00F0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A88000	7_2_00A88000
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8D190	7_2_00A8D190
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00B952E0	7_2_00B952E0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00ABA580	7_2_00ABA580
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9C500	7_2_00A9C500
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BF9630	7_2_00BF9630
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BE4610	7_2_00BE4610
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BB3710	7_2_00BB3710
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00B75770	7_2_00B75770
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BB6850	7_2_00BB6850
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BE3A50	7_2_00BE3A50
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9EB40	7_2_00A9EB40
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00ADBCB0	7_2_00ADBCB0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00AC5CD0	7_2_00AC5CD0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BE4D30	7_2_00BE4D30
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00ADAEA0	7_2_00ADAEA0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00B8CEC0	7_2_00B8CEC0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00BE5E70	7_2_00BE5E70
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A97E40	7_2_00A97E40
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E12790	7_2_64E12790
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E0FC10	7_2_64E0FC10
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E1EFB0	7_2_64E1EFB0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E138B0	7_2_64E138B0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E0F9B0	7_2_64E0F9B0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E654F0	7_2_64E654F0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E55560	7_2_64E55560
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E643B0	7_2_64E643B0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E50310	7_2_64E50310
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E64E10	7_2_64E64E10
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E424A0	7_2_64E424A0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E414B0	7_2_64E414B0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E5C460	7_2_64E5C460
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E5F590	7_2_64E5F590
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E44560	7_2_64E44560
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E4453C	7_2_64E4453C

Found potential string decryption / allocating functions

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: String function: 00B41EB0 appears 47 times
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: String function: 00B0E750 appears 69 times
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: String function: 00B10190 appears 83 times
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: String function: 00A8BF80 appears 221 times
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: String function: 00BB95A0 appears 71 times
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: String function: 64E451B0 appears 32 times
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: String function: 00B96C30 appears 39 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 00962170 appears 31 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 00C8FF12 appears 31 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 00984BF0 appears 41 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 0099C4B0 appears 205 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 00977830 appears 41 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 0095FAB0 appears 135 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 0099C180 appears 38 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 0095F420 appears 70 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 0097FBF0 appears 70 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 009D0EE0 appears 42 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 0095F7E0 appears 151 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 00C80430 appears 50 times
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: String function: 0095ECB0 appears 48 times

PE file contains executable resources (Code or Archives)

Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: Resource name: ZIPRES type: Zip archive data, at least v1.0 to extract, compression method=store
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: Resource name: ZIPRES type: Zip archive data, at least v1.0 to extract, compression method=store

PE file does not import any functions

Source: api-ms-win-core-console-l1-2-0.dll.5.dr	Static PE information: No import functions for PE file found
Source: api-ms-win-core-datetime-l1-1-0.dll.5.dr	Static PE information: No import functions for PE file found
Source: api-ms-win-core-console-l1-1-0.dll.5.dr	Static PE information: No import functions for PE file found

Sample file is different than original file name gathered from version info

Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238651595.0000000000B37000.00000002.00000001.01000000.00000003.sdmp

Binary or memory string: OriginalFilenamekonlinesetup_xa.exe6 vs wps_wid.cid-735916525.1730301987.exe

Uses 32bit PE files

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: com.slnishinomiya.hyogo.jpkustanai.rucom.snpassenger-association.aerocom.sotsushima.nagasaki.jpcom.stuy.comx.seisa-geek.comcom.sv

Source: classification engine

Classification label: sus26.evad.winEXE@6/1037@0/3

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe

Code function: 7_2_64E50310 memset,GetFileInformationByHandle,GetLastError,ReadFile,GetLastError,SleepEx,ReadFile,GetLastError,FormatMessageA,ReadFile,GetLastError,SleepEx,ReadFile,GetLastError,FormatMessageA,FormatMessageA,FormatMessageA,FormatMessageA,

7_2_64E50310

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009994B0 RegOpenKeyExW,RegOpenKeyExW,RegOpenKeyExW,RegEnumKeyExW,RegCloseKey,RegOpenKeyExW,RegOpenKeyExW,RegQueryValueExW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,CloseHandle,ExpandEnvironmentStringsW,GetFileAttributesW,RegUnLoadKeyW,RegUnLoadKeyW,RegLoadKeyW,RegOpenKeyExW,RegCloseKey,RegUnLoadKeyW,RegCloseKey,RegEnumKeyExW,RegCloseKey,		5_2_009994B0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009CB450 GetCurrentProcessId,ProcessIdToSessionId,ProcessIdToSessionId,OpenProcess,OpenProcessToken,CloseHandle,CloseHandle,GetLastError,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,		5_2_009CB450

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_009F1960 GetDiskFreeSpaceExW,GetModuleFileNameW,CreateFileW,GetFileSize,CloseHandle,

5_2_009F1960

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_009CC5B0 CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,

5_2_009CC5B0

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00A34270 SHGetSpecialFolderPathW,CoInitialize,CoCreateInstance,FindFirstFileW,FindNextFileW,FindNextFileW,StrStrIW,StrStrIW,FindNextFileW,FindClose,CoUninitialize,

5_2_00A34270

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00A062F0 RegCreateKeyExW,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,FindResourceW,LoadResource,LockResource,SizeofResource,GetTempPathW,GetTickCount,GetTempFileNameW,CreateFileW,CloseHandle,WaitForSingleObject,GetLastError,Concurrency::cancel_current_task,

5_2_00A062F0

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

File created: C:\Users\user\AppData\Roaming\kingsoft

Jump to behavior

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Mutant created: NULL
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Mutant created: \Sessions\1\BaseNamedObjects\{7B585BD5-8E73-4058-B7DF-F46EE9AB43BC}KDCSDK_SEND_DEVICE_INFO_MUTEX
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Mutant created: \Sessions\1\BaseNamedObjects\6128installer
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Mutant created: \Sessions\1\BaseNamedObjects\2548installer
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Mutant created: \Sessions\1\BaseNamedObjects\_KHDID3MGR_3E67DFEF-DF4E-4CC6-9413-5F71C7C96C04
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Mutant created: \Sessions\1\BaseNamedObjects\{5BE9D8BC-AF60-4b40-A4D0-21F65B4F8788}
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\wpssetup_C42D7A0A-2868-45FF-92EE-9B7AE7124588
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Mutant created: \Sessions\1\BaseNamedObjects\KdcDBGlobalMutexC:_Users_user_AppData_Roaming_kingsoft_wps_dcsdk_cache.db
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Mutant created: \Sessions\1\BaseNamedObjects\_KHDIDMGR_3E67DFEF-DF4E-4CC6-9413-5F71C7C96C04
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Mutant created: \Sessions\1\BaseNamedObjects\KOnlinesetupMutexNew_EF472A88-E1D0-44DF-B44E-FF5186E43ADC
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Mutant created: \Sessions\1\BaseNamedObjects\{7B585BD5-8E73-4058-B7DF-F46EE9AB43BC}KDCSDK_RESTORE_LOCK_MUTEX01a86845241d76e805eba1a3636fc13f
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Mutant created: \Sessions\1\BaseNamedObjects\__#_KCCSDK_WPS_PROCESS_EXIST_KEY_#__
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Mutant created: \Sessions\1\BaseNamedObjects\_#_UPD_LogFile_Z_MutxName_#_

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

File created: C:\Users\user\AppData\Local\Temp\konlinesetup

Jump to behavior

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

File read: C:\Users\user\AppData\Local\tempinstall.ini

Jump to behavior

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);

Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: Setup/InstallPathUnswitchable
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	String found in binary or memory: Product/LauncherName
Source: ksomisc.exe	String found in binary or memory: :/ksomisc/addinmgr.ico
Source: ksomisc.exe	String found in binary or memory: /comaddin/addinswl
Source: ksomisc.exe	String found in binary or memory: /comaddin/addinsbl
Source: ksomisc.exe	String found in binary or memory: :/ksomisc/loading.gif
Source: ksomisc.exe	String found in binary or memory: invalid page-address %p, offset %zi

Source: unknown	Process created: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe "C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe"
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process created: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe -installCallByOnlineSetup -defaultOpen -defaultOpenPdf -asso_pic_setup -createIcons -curlangofinstalledproduct=en_GB -D="C:\Users\user\AppData\Local\Kingsoft\WPS Office" -notautostartwps -enableSetupMuiPkg -appdata="C:\Users\user\AppData\Roaming"
Source: unknown	Process created: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe "C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe" -downpower -installCallByOnlineSetup -defaultOpen -defaultOpenPdf -asso_pic_setup -createIcons -curlangofinstalledproduct="en_GB" -D="C:\Users\user\AppData\Local\Kingsoft\WPS Office" -notautostartwps="C:\Users\user\AppData\Local\Kingsoft\WPS Office" -enableSetupMuiPkg="C:\Users\user\AppData\Local\Kingsoft\WPS Office" -appdata="C:\Users\user\AppData\Roaming" -msgwndname=wpssetup_message_48854E -curinstalltemppath=C:\Users\user\AppData\Local\Temp\wps\~4872e0\
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe "C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe" -setlng en_GB
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process created: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe -installCallByOnlineSetup -defaultOpen -defaultOpenPdf -asso_pic_setup -createIcons -curlangofinstalledproduct=en_GB -D="C:\Users\user\AppData\Local\Kingsoft\WPS Office" -notautostartwps -enableSetupMuiPkg -appdata="C:\Users\user\AppData\Roaming"	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe "C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe" -setlng en_GB	Jump to behavior

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: msimg32.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: sxs.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5winextraskso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5svgkso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5widgetskso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5guikso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5corekso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msvcp140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5guikso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5corekso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5guikso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5corekso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msvcp140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: qt5corekso.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msvcp140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msvcp140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: linkinfo.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5networkkso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5winextraskso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: fltlib.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5widgetskso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5guikso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5corekso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kshell.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: ksolite.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5guikso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5corekso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5corekso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5guikso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5corekso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5corekso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5svgkso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5xmlkso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: libcurl.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5corekso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: ksouil.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kbase.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kprometheus.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kdownload.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: krt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5corekso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: krt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kbase.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: mpr.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: netapi32.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: libssl-kso-1_1.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: libcrypto-kso-1_1.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5svgkso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kbase.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: krt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: krt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msvcp140_codecvt_ids.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: libcrypto-kso-1_1.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: qt5svgkso.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: krt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kimalloc.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: gpapi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: amsi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: linkinfo.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: webio.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: schannel.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: mskeyprotect.dll
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Section loaded: ncryptsslp.dll

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32

Jump to behavior

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

File written: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\utility\install.ini

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kingsoft Office

Jump to behavior

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: certificate valid

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: Virtual size of .text is bigger than: 0x100000

Source: wps_wid.cid-735916525.1730301987.exe

Static file information: File size 5806976 > 1048576

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: Raw size of .text is bigger than: 0x100000 < 0x3e3c00

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: More than 200 imports for KERNEL32.dll

Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source: wps_wid.cid-735916525.1730301987.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:	Binary string: D:\a\_work\1\s\\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3767362095.00000000157B6000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\printsupport\windowsprintersupport.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\printsupport\windowsprintersupport.pdb## source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\platforms\qwindows.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014251000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\addons\yunkitapi\yunkitapi.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3748445348.0000000014990000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\imageformats\qsvg.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4126160918.000000006B153000.00000002.00000001.01000000.00000017.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\iconusers\qsvgicon.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.000000001328C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: ?COMCTL32.dllWINHTTP.dllcompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -FS -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAESNI_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASMLoad file into cachecrypto\x509\by_file.cunspecified certificate verification errorunable to get issuer certificateunable to get certificate CRLunable to decrypt certificate's signatureunable to decrypt CRL's signatureunable to decode issuer public keycertificate signature failureCRL signature failurecertificate is not yet validcertificate has expiredCRL is not yet validCRL has expiredformat error in certificate's notBefore fieldformat error in certificate's notAfter fieldformat error in CRL's lastUpdate fieldformat error in CRL's nextUpdate fieldout of memoryself signed certificateself signed certificate in certificate chainunable to get local issuer certificateunable to verify the first certificatecertificate chain too longcertificate revokedinvalid CA certificatepath length constraint exceededunsupported certificate purposecertificate not trustedcertificate rejectedsubject issuer mismatchauthority and subject key identifier mismatchauthority and issuer serial number mismatchkey usage does not include certificate signingunable to get CRL issuer certificateunhandled critical extensionkey usage does not include CRL signingunhandled critical CRL extensioninvalid non-CA certificate (has CA markings)proxy path length constraint exceededkey usage does not include digital signatureproxy certificates not allowed, please set the appropriate flaginvalid or inconsistent certificate extensioninvalid or inconsistent certificate policy extensionno explicit policyDifferent CRL scopeUnsupported extension featureRFC 3779 resource not subset of parent's resourcespermitted subtree violationexcluded subtree violationname constraints minimum and maximum not supportedapplication verification failureunsupported name constraint typeunsupported or invalid name constraint syntaxunsupported or invalid name syntaxCRL path validation errorPath LoopSuite B: certificate version invalidSuite B: invalid public key algorithmSuite B: invalid ECC curveSuite B: invalid signature algorithmSuite B: curve not allowed for this LOSSuite B: cannot sign P-384 with P-256Hostname mismatchEmail address mismatchIP address mismatchNo matching DANE TLSA recordsEE certificate key too weakCA certificate key too weakCA signature digest algorithm too weakInvalid certificate verification contextIssuer certificate lookup errorCertificate Transparency required, but no valid SCTs foundproxy subject name violationOCSP verification neededOCSP verification failedOCSP unknown certCertificate public key has explicit ECC parametersunknown certificate verification errorcrypto\asn1\x_info.ccrypto\pem\pem_info.cRSA P
Source:	Binary string: ucrtbase.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\rc_v12_i18n_202409_branch\Build\Release\WPSOffice\office6\addons\konlinesetup_xa\konlinesetup_xa.pdb source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\styles\qwindowsvistastyle.pdb%% source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\wpsuil.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\platforms\qdirect2d.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000013241000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\wpsupdate_res.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.0000000016B1B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: ucrtbase.pdbUGP source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\a\_work\1\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdbGCTL source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\rc_bug_mas_v12_2409\wpsenv\3rd\qt5\build_x86\qtbase\plugins\styles\qwindowsvistastyle.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: compiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -FS -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAESNI_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM source: wps_wid.cid-735916525.1730301987.exe, 00000000.00000000.2238530081.0000000000A55000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: H:\pub_bh8f\rc_bug_mas_v12_2409\Build\Release\WPSOffice\office6\wpsofficeicon.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.3752183714.000000001591E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\a\_work\1\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdb source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668023522.0000000014F80000.00000004.00001000.00020000.00000000.sdmp, 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2668443885.0000000014298000.00000004.00000020.00020000.00000000.sdmp

Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: wps_wid.cid-735916525.1730301987.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata

Data Obfuscation

Binary contains a suspicious time stamp

Source: api-ms-win-core-console-l1-1-0.dll.5.dr

Static PE information: 0xF471666F [Wed Dec 16 02:48:15 2099 UTC]

Contains functionality to dynamically determine API calls

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_0098D6B0 LoadLibraryW,GetProcAddress,FreeLibrary,ExpandEnvironmentStringsW,FreeLibrary,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,Sleep,ExpandEnvironmentStringsW,RegCloseKey,FreeLibrary,FreeLibrary,

5_2_0098D6B0

PE file contains sections with non-standard names

Source: kshell.dll.5.dr	Static PE information: section name: .detourc
Source: kshell.dll.5.dr	Static PE information: section name: .detourd
Source: krpt.dll.5.dr	Static PE information: section name: .detourc
Source: krpt.dll.5.dr	Static PE information: section name: .detourd
Source: ksandbox.dll.5.dr	Static PE information: section name: .detourc
Source: ksandbox.dll.5.dr	Static PE information: section name: .detourd

Uses code obfuscation techniques (call, push, ret)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00CD2209 push ecx; ret		5_2_00CD221C
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8B255 push eax; retf		7_2_00A8B256

Persistence and Installation Behavior

Contains functionality to infect the boot sector

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe

Code function: memset,GetSystemDirectoryW,GetLastError,__acrt_iob_func,_fprintf,CreateFileW,GetLastError,__acrt_iob_func,_fprintf,DeviceIoControl,GetLastError,__acrt_iob_func,_fprintf,CloseHandle,CloseHandle,CreateFileA,DeviceIoControl,DeviceIoControl,memset,DeviceIoControl,strncpy_s,strncpy_s,strncpy_s,memset,CloseHandle,CloseHandle, \\.\PhysicalDrive%d

7_2_64E0B3F0

Drops PE files

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\kqingaccountsdk.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksearchpanel\ksearchpanel.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-console-l1-2-0.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\kshell.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\krpt.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksandbox\ksandbox.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-console-l1-1-0.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kscreengrab\kscreengrab.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksaddndr.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksharedoc_xa\ksharedoc_xa.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-datetime-l1-1-0.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\utility\diffbase\office6\mui\default\templates\printTemplate.pdf_bk (copy)	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingdlg\kqingdlg.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\krecentfile\krecentfile.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File created: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\krt.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	File created: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Jump to dropped file

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009CA920 CryptQueryObject,CryptMsgGetParam,CryptMsgGetParam,CertFindCertificateInStore,CertGetNameStringW,CertGetNameStringW,CertGetNameStringW,CertFreeCRLContext,CertCloseStore,CryptMsgClose,CertGetNameStringW,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,PathFileExistsW,GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,RegCloseKey,	5_2_009CA920
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A54D00 GetPrivateProfileStringW,	5_2_00A54D00
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A0AD50 GetPrivateProfileStringW,	5_2_00A0AD50
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00978E30 GetPrivateProfileStringW,GetPrivateProfileStringW,	5_2_00978E30
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009F0F10 RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,GetPrivateProfileStringW,	5_2_009F0F10
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A15D90 SendMessageW,CreateSemaphoreW,ReleaseSemaphore,FindWindowW,GetPrivateProfileStringW,WritePrivateProfileStringW,GetTickCount,SendMessageW,SendMessageW,RegOpenKeyExW,RegDeleteValueW,RegCloseKey,RegOpenKeyExW,RegCloseKey,RegDeleteValueW,RegCloseKey,RegOpenKeyExW,RegCloseKey,RegDeleteValueW,RegCloseKey,SendMessageW,SendMessageW,RegOpenKeyExW,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,RegCloseKey,OpenSCManagerW,OpenServiceW,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,GetLastError,RegCreateKeyExW,RegSetValueExW,RegSetValueExW,RegSetValueExW,RegCloseKey,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCloseKey,RegCloseKey,RegCloseKey,RegSetValueExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,PathQuoteSpacesW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegSetValueExW,RegSetValueExW,RegCloseKey,RegSetValueExW,RegCreateKeyExW,RegSetValueExW,RegSetValueExW,RegCloseKey,WaitForSingleObject,WaitForSingleObject,CloseHandle,CloseHandle,GetTickCount,WaitForSingleObject,	5_2_00A15D90
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A55E60 GetPrivateProfileStringW,	5_2_00A55E60
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A541E0 GetPrivateProfileStringW,	5_2_00A541E0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A46230 PathFileExistsW,GetPrivateProfileIntW,PathFileExistsW,	5_2_00A46230
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A54490 GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,	5_2_00A54490
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A54AA0 GetPrivateProfileStringW,GetPrivateProfileStringW,	5_2_00A54AA0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009BF000 LoadLibraryExW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,PathFileExistsW,	5_2_009BF000
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A574B0 GetPrivateProfileStringW,	5_2_00A574B0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A01530 GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,WritePrivateProfileStringW,WritePrivateProfileStringW,WritePrivateProfileStringW,RegOpenKeyExW,RegCloseKey,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegCloseKey,	5_2_00A01530
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009BFB00 GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetCommandLineW,WritePrivateProfileStringW,	5_2_009BFB00
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A61B60 RegOpenKeyExW,RegQueryValueExW,RegOpenKeyExW,RegCloseKey,RegQueryValueExW,RegCloseKey,MultiByteToWideChar,MultiByteToWideChar,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,SHGetSpecialFolderPathW,GetPrivateProfileStringW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCloseKey,RegCloseKey,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,	5_2_00A61B60
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_0097FDB0 GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,PathFileExistsW,DeleteFileW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,	5_2_0097FDB0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009FFE10 GetPrivateProfileStringW,SHGetSpecialFolderPathW,SHGetSpecialFolderPathW,	5_2_009FFE10
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00ABF220 _invalid_parameter_noinfo_noreturn,GetPrivateProfileStringW,GetPrivateProfileStringW,_invalid_parameter_noinfo_noreturn,	7_2_00ABF220
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00B03550 _invalid_parameter_noinfo_noreturn,memset,GetPrivateProfileStringW,_invalid_parameter_noinfo_noreturn,	7_2_00B03550
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00AF77F0 memset,memset,GetModuleFileNameW,wcsrchr,wcsncpy,GetPrivateProfileIntW,__Init_thread_footer,	7_2_00AF77F0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00AF39D0 _invalid_parameter_noinfo_noreturn,memset,GetPrivateProfileStringW,_invalid_parameter_noinfo_noreturn,	7_2_00AF39D0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8D190 _wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,GetPrivateProfileIntW,memset,memset,memset,memset,GetVersionExW,wcsrchr,??0QString@kso_qt@@QAE@XZ,??0QString@kso_qt@@QAE@XZ,??0QString@kso_qt@@QAE@XZ,??0QString@kso_qt@@QAE@XZ,??0QString@kso_qt@@QAE@XZ,	7_2_00A8D190
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9F2C0 ?isChecked@QAbstractButton@kso_qt@@QBE_NXZ,?isChecked@QAbstractButton@kso_qt@@QBE_NXZ,?isChecked@QAbstractButton@kso_qt@@QBE_NXZ,?isChecked@QAbstractButton@kso_qt@@QBE_NXZ,GetPrivateProfileIntW,WritePrivateProfileStringW,?tr@QMetaObject@kso_qt@@QBE?AVQString@2@PBD0H@Z,?tr@QMetaObject@kso_qt@@QBE?AVQString@2@PBD0H@Z,?tr@QMetaObject@kso_qt@@QBE?AVQString@2@PBD0H@Z,?information@QMessageBox@kso_qt@@SA?AW4StandardButton@12@PAVQWidget@2@ABVQString@2@1V?$QFlags@W4StandardButton@QMessageBox@kso_qt@@@2@W4312@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,	7_2_00A9F2C0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8E3D0 memset,memset,memset,memset,memset,memset,memset,_wcsicmp,_wcsicmp,memset,memset,wcsncpy,wcsncpy,wcsncpy,wcsrchr,memset,GetPrivateProfileStringW,_wcsicmp,wcscat_s,?utf16@QString@kso_qt@@QBEPBGXZ,?utf16@QString@kso_qt@@QBEPBGXZ,?utf16@QString@kso_qt@@QBEPBGXZ,	7_2_00A8E3D0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8D850 _wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,GetPrivateProfileIntW,memset,memset,memset,memset,GetVersionExW,wcsrchr,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,_wcsicmp,??0QString@kso_qt@@QAE@XZ,?isOverseasVersion@product@krt@@YA_NXZ,??4QString@kso_qt@@QAEAAV01@PBD@Z,??YQString@kso_qt@@QAEAAV01@PBD@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??1QString@kso_qt@@QAE@XZ,	7_2_00A8D850
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00AA2930 GetPrivateProfileIntW,WritePrivateProfileStringW,GetPrivateProfileIntW,WritePrivateProfileStringW,GetPrivateProfileIntW,WritePrivateProfileStringW,GetPrivateProfileIntW,WritePrivateProfileStringW,GetPrivateProfileIntW,WritePrivateProfileStringW,	7_2_00AA2930
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8CA20 ?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,_CxxThrowException,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,memset,memset,memset,GetVersionExW,memset,GetPrivateProfileStringW,??0QString@kso_qt@@QAE@XZ,?isSupportRibbonScale@product@krt@@YA_NXZ,?isSupportRibbonScale@product@krt@@YA_NXZ,memset,?isSupportRibbonScale@product@krt@@YA_NXZ,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,?trimmed@QString@kso_qt@@QHAE?AV12@XZ,??0QString@kso_qt@@QAE@$$QAV01@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,wcsncpy,?utf16@QString@kso_qt@@QBEPBGXZ,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,?utf16@QString@kso_qt@@QBEPBGXZ,??1QString@kso_qt@@QAE@XZ,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,??1QString@kso_qt@@QAE@XZ,?isSupportRibbonScale@product@krt@@YA_NXZ,wcsrchr,wcsrchr,??1QString@kso_qt@@QAE@XZ,	7_2_00A8CA20
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A92C20 GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,GetPrivateProfileIntW,_invalid_parameter_noinfo_noreturn,	7_2_00A92C20
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00AFAD00 ?endGroup@QSettings@kso_qt@@QAEXXZ,?setValue@QSettings@kso_qt@@QAEXABVQString@2@ABVQVariant@2@@Z,memset,GetPrivateProfileStringW,_invalid_parameter_noinfo_noreturn,?endGroup@QSettings@kso_qt@@QAEXXZ,memset,?endGroup@QSettings@kso_qt@@QAEXXZ,GetModuleFileNameW,?endGroup@QSettings@kso_qt@@QAEXXZ,?isOverseasVersion@product@krt@@YA_NXZ,??0KCommonSettings@krt@@QAE@W4Scope@QSettings@kso_qt@@@Z,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,?beginGroup@QSettings@kso_qt@@QAEXABVQString@2@@Z,?beginGroup@QSettings@kso_qt@@QAEXABVQString@2@@Z,??1QString@kso_qt@@QAE@XZ,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,?beginGroup@QSettings@kso_qt@@QAEXABVQString@2@@Z,??1QString@kso_qt@@QAE@XZ,??0QVariant@kso_qt@@QAE@H@Z,??0QVariant@kso_qt@@QAE@H@Z,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,?setValue@QSettings@kso_qt@@QAEXABVQString@2@ABVQVariant@2@@Z,?setValue@QSettings@kso_qt@@QAEXABVQString@2@ABVQVariant@2@@Z,?setValue@QSettings@kso_qt@@QAEXABVQString@2@ABVQVariant@2@@Z,??1QString@kso_qt@@QAE@XZ,??1QVariant@kso_qt@@QAE@XZ,??1QVariant@kso_qt@@QAE@XZ,??0QVariant@kso_qt@@QAE@H@Z,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,?setValue@QSettings@kso_qt@@QAEXABVQString@2@ABVQVariant@2@@Z,?setValue@QSettings@kso_qt@@QAEXABVQString@2@ABVQVariant@2@@Z,??1QString@kso_qt@@QAE@XZ,??1QVariant@kso_qt@@QAE@XZ,?endGroup@QSettings@kso_qt@@QAEXXZ,?endGroup@QSettings@kso_qt@@QAEXXZ,?endGroup@QSettings@kso_qt@@QAEXXZ,??1KWpsCloudSvrSettings@krt@@UAE@XZ,	7_2_00AFAD00

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

File created: C:\Users\user\AppData\Roaming\kingsoft\office6\log\setup\wpssetup.log

Jump to behavior

Boot Survival

Contains functionality to infect the boot sector

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe

7_2_64E0B3F0

Hooking and other Techniques for Hiding and Protection

Extensive use of GetProcAddress (often used to hide API calls)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_009F95A0 SHGetSpecialFolderPathW,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegDeleteValueW,RegDeleteValueW,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegDeleteValueW,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,GetModuleHandleW,GetProcAddress,RegOpenKeyExW,RegCloseKey,RegCloseKey,RegDeleteValueW,RegCloseKey,RegCloseKey,

5_2_009F95A0

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdate			Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot			Jump to behavior

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_DiskDrive
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_DiskDrive
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_DiskDrive
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_DiskDrive
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_DiskDrive

Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00C2A610 GetLastError,GetCurrentProcessId,ProcessIdToSessionId,CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,ProcessIdToSessionId,OpenProcess,OpenProcessToken,CloseHandle,CloseHandle,RegOpenCurrentUser,RevertToSelf,

5_2_00C2A610

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Window / User API: threadDelayed 630			Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Window / User API: foregroundWindowGot 622			Jump to behavior

Found dropped PE file which has not been started or loaded

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\kqingaccountsdk.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-console-l1-2-0.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksearchpanel\ksearchpanel.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\krpt.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-console-l1-1-0.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksandbox\ksandbox.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kscreengrab\kscreengrab.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksaddndr.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-datetime-l1-1-0.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksharedoc_xa\ksharedoc_xa.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\utility\diffbase\office6\mui\default\templates\printTemplate.pdf_bk (copy)	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingdlg\kqingdlg.dll	Jump to dropped file
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\krecentfile\krecentfile.dll	Jump to dropped file

Found evasive API chain (date check)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Evasive API call chain: GetLocalTime,DecisionNodes

Found large amount of non-executed APIs

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe

API coverage: 3.7 %

May sleep (evasive loops) to hinder dynamic analysis

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe TID: 2036

Thread sleep time: -30000s >= -30000s

Queries disk information (often used to detect virtual machines)

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

File opened: PhysicalDrive0

Jump to behavior

Sample execution stops while process was sleeping (likely an evasion)

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

Last function: Thread delayed

Uses the system / local time for branch decision (may execute only at specific dates)

Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe

Code function: 7_2_64E64E10 GetSystemTimeAsFileTime followed by cmp: cmp ebp, 04h and CTI: jbe 64E6530Bh

7_2_64E64E10

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	File Volume queried: C:\Users\user\Desktop FullSizeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File Volume queried: C:\Users\user\Desktop\wps_download FullSizeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File Volume queried: C:\Users\user\Desktop\wps_download FullSizeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File Volume queried: C:\Users\user\Desktop\wps_download FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	File Volume queried: C:\Users\user\Desktop\wps_download FullSizeInformation

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A0C1A0 PathAddBackslashW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,SHGetSpecialFolderPathW,	5_2_00A0C1A0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A1C140 PathAddBackslashW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,	5_2_00A1C140
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009D42F0 FindFirstFileW,PathFileExistsW,lstrcmpW,lstrcmpW,lstrcmpW,lstrcmpW,GetLastError,FindClose,CopyFileW,lstrcmpW,FindNextFileW,	5_2_009D42F0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A34270 SHGetSpecialFolderPathW,CoInitialize,CoCreateInstance,FindFirstFileW,FindNextFileW,FindNextFileW,StrStrIW,StrStrIW,FindNextFileW,FindClose,CoUninitialize,	5_2_00A34270
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009CB6E0 FindFirstFileW,FindNextFileW,FindNextFileW,FindClose,	5_2_009CB6E0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009EFBA0 RegCloseKey,FindFirstFileW,MoveFileExW,MoveFileExW,FindNextFileW,FindClose,MoveFileExW,Concurrency::cancel_current_task,MoveFileExW,MoveFileExW,	5_2_009EFBA0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A37D60 RegOpenKeyExW,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey,RegOpenKeyExW,RegCloseKey,RegCloseKey,SHGetSpecialFolderPathW,SHGetSpecialFolderPathW,SHGetSpecialFolderPathW,FindFirstFileW,FindNextFileW,FindClose,GetLastError,	5_2_00A37D60
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009EC0D0 FindFirstFileW,FindNextFileW,FindClose,CopyFileW,RegOpenKeyExW,RegSetValueExW,RegCloseKey,	5_2_009EC0D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00990160 FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpW,FindClose,GetLastError,GetLastError,RemoveDirectoryW,MoveFileExW,GetLastError,FindClose,GetSystemDirectoryW,SetFileAttributesW,DeleteFileW,MoveFileExW,SetFileAttributesW,DeleteFileW,GetTickCount,MoveFileExW,MoveFileExW,lstrcmpW,FindNextFileW,__Init_thread_footer,	5_2_00990160
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A004A0 PathAddBackslashW,FindFirstFileW,FindNextFileW,FindClose,	5_2_00A004A0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A5E890 SHGetSpecialFolderPathW,SHGetSpecialFolderPathW,CoInitialize,CoCreateInstance,FindFirstFileW,StrStrIW,StrStrIW,StrStrIW,StrStrIW,StrStrIW,StrStrIW,DeleteFileW,FindNextFileW,FindClose,CoUninitialize,	5_2_00A5E890
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009D5150 FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpW,FindNextFileW,FindClose,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose,	5_2_009D5150
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A3F6B0 PathFileExistsW,GetFileAttributesW,FindFirstFileW,FindNextFileW,FindClose,WritePrivateProfileStringW,WritePrivateProfileStringW,WritePrivateProfileStringW,WritePrivateProfileStringW,	5_2_00A3F6B0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_0098B710 FindFirstFileW,FindNextFileW,FindClose,	5_2_0098B710
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009C98F0 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,	5_2_009C98F0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A3D8D0 FindFirstFileW,GetLastError,PathFileExistsW,CopyFileW,FindNextFileW,FindClose,PathFileExistsW,CopyFileW,GetLastError,GetLastError,	5_2_00A3D8D0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A39BC0 PathFileExistsW,FindFirstFileW,lstrcmpW,lstrcmpW,CopyFileW,FindNextFileW,FindClose,	5_2_00A39BC0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00A33EE0 FindNextFileW,StrStrIW,StrStrIW,CopyFileW,GetSystemDirectoryW,SHGetSpecialFolderPathW,CoInitialize,CoCreateInstance,FindFirstFileW,FindNextFileW,FindNextFileW,StrStrIW,StrStrIW,FindNextFileW,FindClose,CoUninitialize,	5_2_00A33EE0
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_009C9F70 FindFirstFileW,lstrcmpW,lstrcmpW,lstrcmpW,lstrcmpW,FindNextFileW,DeleteFileW,FindClose,	5_2_009C9F70
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A924B0 memset,memset,GetVersionExW,wcscat_s,memset,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,??1QString@kso_qt@@QAE@XZ,?utf16@QString@kso_qt@@QBEPBGXZ,FindFirstFileW,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,?utf16@QString@kso_qt@@QBEPBGXZ,??1QString@kso_qt@@QAE@XZ,FindNextFileW,FindClose,??1QString@kso_qt@@QAE@XZ,	7_2_00A924B0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A89420 memset,wcsncpy,wcsncat,memset,FindFirstFileW,FindNextFileW,FindNextFileW,FindClose,	7_2_00A89420
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9D6A0 ?shared_null@QListData@kso_qt@@2UData@12@B,memset,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?fromUtf8@QString@kso_qt@@SA?AV12@PBDH@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,?toNativeSeparators@QDir@kso_qt@@SA?AVQString@2@ABV32@@Z,??1QString@kso_qt@@QAE@XZ,?utf16@QString@kso_qt@@QBEPBGXZ,FindFirstFileW,?fromUtf16@QString@kso_qt@@SA?AV12@PBGH@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?fromUtf8@QString@kso_qt@@SA?AV12@PBDH@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,??0QByteArray@kso_qt@@QAE@ABV01@@Z,?append@QString@kso_qt@@QAEAAV12@ABV12@@Z,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,FindNextFileW,?shared_null@QListData@kso_qt@@2UData@12@B,?shared_null@QListData@kso_qt@@2UData@12@B,FindClose,??1QString@kso_qt@@QAE@XZ,	7_2_00A9D6A0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9A95C ??0QString@kso_qt@@QAE@PBD@Z,??1QString@kso_qt@@QAE@XZ,memmove,memset,wcscpy_s,_invalid_parameter_noinfo_noreturn,memset,memset,memset,GetVersionExW,memset,FindFirstFileW,??0QString@kso_qt@@QAE@XZ,?isOverseasVersion@product@krt@@YA_NXZ,??4QString@kso_qt@@QAEAAV01@PBD@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??0QByteArray@kso_qt@@QAE@ABV01@@Z,??1QString@kso_qt@@QAE@XZ,DeleteFileW,FindNextFileW,??1QString@kso_qt@@QAE@XZ,FindClose,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,	7_2_00A9A95C
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A9BA70 FindClose,Sleep,memset,FindFirstFileW,FindClose,Sleep,	7_2_00A9BA70
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A92A40 ?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,?shared_null@QListData@kso_qt@@2UData@12@B,?isEmpty@QListData@kso_qt@@QBE_NXZ,?toNativeSeparators@QDir@kso_qt@@SA?AVQString@2@ABV32@@Z,??0QChar@kso_qt@@QAE@H@Z,?endsWith@QString@kso_qt@@QBE_NVQChar@2@W4CaseSensitivity@Qt@2@@Z,??YQString@kso_qt@@QAEAAV01@PBD@Z,?utf16@QString@kso_qt@@QBEPBGXZ,FindFirstFileW,FindNextFileW,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,?fromWCharArray@QString@kso_qt@@SA?AV12@PB_WH@Z,?QStringList_contains@QtPrivate@kso_qt@@YA_NPBVQStringList@2@ABVQString@2@W4CaseSensitivity@Qt@2@@Z,??1QString@kso_qt@@QAE@XZ,FindNextFileW,FindClose,??1QString@kso_qt@@QAE@XZ,	7_2_00A92A40
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00B07DB0 FindFirstFileW,_wcsnicmp,FindNextFileW,FindClose,_invalid_parameter_noinfo_noreturn,	7_2_00B07DB0
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A97E40 memset,FindFirstFileW,DeleteFileW,FindNextFileW,memmove,FindClose,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,?isSupportRibbonScale@product@krt@@YA_NXZ,?fromAscii_helper@QString@kso_qt@@CAPAU?$QTypedArrayData@G@2@PBDH@Z,??1QString@kso_qt@@QAE@XZ,?shared_null@QHashData@kso_qt@@2U12@B,?translate@QCoreApplication@kso_qt@@SA?AVQString@2@PBD00H@Z,??0QChar@kso_qt@@QAE@UQLatin1Char@1@@Z,?arg@QString@kso_qt@@QBE?AV12@ABV12@HVQChar@2@@Z,?utf16@QString@kso_qt@@QBEPBGXZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,??1QString@kso_qt@@QAE@XZ,?shared_null@QHashData@kso_qt@@2U12@B,	7_2_00A97E40
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00A8DE50 memset,FindFirstFileW,memset,memset,_wcsicmp,memset,memset,_wcsnicmp,FindNextFileW,FindClose,	7_2_00A8DE50

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_009F75A0 GetTempPathW,PathAddBackslashW,GetLogicalDriveStringsW,GetDriveTypeW,GetDriveTypeW,GetDriveTypeW,GetDriveTypeW,PathAddBackslashW,GetTickCount,

5_2_009F75A0

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_0096C9C0 GetCurrentProcess,GetProcessAffinityMask,GetSystemInfo,

5_2_0096C9C0

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\kappcustomwidget\static\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\kappcustomwidget\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	File opened: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\kappcustomwidget\static\css\	Jump to behavior

Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4121012144.0000000014EE6000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000002.4116265647.00000000036DB000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWen-GBn
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe, 00000005.00000003.2626467328.0000000001376000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

Process information queried: ProcessInformation

Jump to behavior

Anti Debugging

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00C8F898 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

5_2_00C8F898

Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00A63770 OutputDebugStringW,GetSystemWow64DirectoryW,GetLastError,OutputDebugStringW,SHGetSpecialFolderPathW,DeleteFileW,DeleteFileW,DeleteFileW,RegCreateKeyExW,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,

5_2_00A63770

Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

5_2_00C2A610

Contains functionality to dynamically determine API calls

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

5_2_0098D6B0

Contains functionality to read the PEB

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00CAE844 mov eax, dword ptr fs:[00000030h]	5_2_00CAE844
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00CAE888 mov eax, dword ptr fs:[00000030h]	5_2_00CAE888
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C8F597 mov eax, dword ptr fs:[00000030h]	5_2_00C8F597

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00A2BF90 GetNativeSystemInfo,GetNativeSystemInfo,GetProcessHeap,HeapAlloc,SetLastError,GetSystemDirectoryW,GetNativeSystemInfo,PathAppendW,PathAppendW,PathAppendW,PathFileExistsW,PathAppendW,PathRenameExtensionW,PathQuoteSpacesW,Concurrency::cancel_current_task,Concurrency::cancel_current_task,Concurrency::cancel_current_task,Concurrency::cancel_current_task,

5_2_00A2BF90

Enables debug privileges

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Process token adjusted: Debug

Jump to behavior

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C8F898 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	5_2_00C8F898
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_00C7F82B SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	5_2_00C7F82B
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B146A8C IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	5_2_6B146A8C
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B146D8B SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	5_2_6B146D8B
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B152AB4 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	5_2_6B152AB4
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B152917 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	5_2_6B152917
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B1755F4 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	5_2_6B1755F4
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: 5_2_6B17545A IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	5_2_6B17545A
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_00C1509F SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	7_2_00C1509F
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E0E981 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	7_2_64E0E981
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E0EB24 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	7_2_64E0EB24
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E7B502 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	7_2_64E7B502
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Code function: 7_2_64E7B659 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	7_2_64E7B659

HIPS / PFW / Operating System Protection Evasion

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process created: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe c:\users\user\desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_xa_mui_free.exe.500.2083.exe -installcallbyonlinesetup -defaultopen -defaultopenpdf -asso_pic_setup -createicons -curlangofinstalledproduct=en_gb -d="c:\users\user\appdata\local\kingsoft\wps office" -notautostartwps -enablesetupmuipkg -appdata="c:\users\user\appdata\roaming"
Source: unknown	Process created: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe "c:\users\user\desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_xa_mui_free.exe.500.2083.exe" -downpower -installcallbyonlinesetup -defaultopen -defaultopenpdf -asso_pic_setup -createicons -curlangofinstalledproduct="en_gb" -d="c:\users\user\appdata\local\kingsoft\wps office" -notautostartwps="c:\users\user\appdata\local\kingsoft\wps office" -enablesetupmuipkg="c:\users\user\appdata\local\kingsoft\wps office" -appdata="c:\users\user\appdata\roaming" -msgwndname=wpssetup_message_48854e -curinstalltemppath=c:\users\user\appdata\local\temp\wps\~4872e0\
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Process created: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe c:\users\user\desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_xa_mui_free.exe.500.2083.exe -installcallbyonlinesetup -defaultopen -defaultopenpdf -asso_pic_setup -createicons -curlangofinstalledproduct=en_gb -d="c:\users\user\appdata\local\kingsoft\wps office" -notautostartwps -enablesetupmuipkg -appdata="c:\users\user\appdata\roaming"	Jump to behavior

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00A29E10 LoadLibraryExW,InitializeSecurityDescriptor,SetSecurityDescriptorDacl,CreateMutexW,CreateMutexW,CreateMutexW,CreateEventW,

5_2_00A29E10

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_009D6950 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,

5_2_009D6950

Language, Device and Operating System Detection

Contains functionality to query CPU information (cpuid)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_6B1468AB cpuid

5_2_6B1468AB

Contains functionality to query locales information (e.g. system language)

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: EnumSystemLocalesEx,	5_2_00CAF2C2
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetLocaleInfoEx,GetLocaleInfoW,	5_2_00CAF46C
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetACP,IsValidCodePage,_wcschr,_wcschr,GetLocaleInfoW,	5_2_00CB7AF2
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetLocaleInfoW,	5_2_00CB8158
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetLocaleInfoEx,	5_2_00C822CA
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	5_2_00CB827E
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetLocaleInfoW,	5_2_00CB8384
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,	5_2_00CB8453
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: EnumSystemLocalesW,	5_2_00CAEEB3
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetLocaleInfoW,	5_2_00CB7CED
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: EnumSystemLocalesW,	5_2_00CB7DDF
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: EnumSystemLocalesW,	5_2_00CB7D94
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: EnumSystemLocalesW,	5_2_00CB7E7A
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,	5_2_00CB7F05

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Queries volume information: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe	Queries volume information: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt.conf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt.conf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt\plugins\platforms\qdirect2d.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt\plugins\platforms\qwindows.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt\plugins\styles\qwindowsvistastyle.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\en_US\kpacketui.qm VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt\plugins\imageformats\qsvg.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt\plugins\iconusers\qsvgicon.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\en_GB\kpacketui.qm VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\de_DE\kpacketui.qm VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\en_GB\kpacketui.qm VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\product.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\product.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\qt.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\qt.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\qt\plugins\platforms\qdirect2d.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\qt\plugins\platforms\qwindows.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\qt\plugins\styles\qwindowsvistastyle.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\setup.cfg VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\setup.cfg VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\utility\install.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\utility\install.ini VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_GB\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_GB\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\lang.conf VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.lck VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.lck VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.lck VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation
Source: C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksomisc.exe	Queries volume information: C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat VolumeInformation

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_0099C4B0 RegCloseKey,WaitForSingleObject,GetLocalTime,_strrchr,_strrchr,GetCurrentThreadId,GetCurrentProcessId,EnterCriticalSection,LeaveCriticalSection,SetEvent,

5_2_0099C4B0

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_00CB1DA0 _free,_free,_free,GetTimeZoneInformation,_free,

5_2_00CB1DA0

Source: C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe

Code function: 5_2_009DEFB0 RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,std::locale::_Init,RegCloseKey,GetVersionExW,GetVersionExW,

5_2_009DEFB0

Source: C:\Users\user\Desktop\wps_wid.cid-735916525.1730301987.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Lowering of HIPS / PFW / Operating System Security Settings

AV process strings found (often used to terminate AV products)

Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Binary or memory string: 360Safe.exe
Source: 060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	Binary or memory string: ravmond.exe

Domain

Country

Flag

ASN

ASN Name

Malicious

172.217.16.206

unknown

United States

15169

GOOGLEUS

false

104.16.84.69

unknown

United States

13335

CLOUDFLARENETUS

false

90.84.175.86

unknown

France

5511

OPENTRANSITFR

false

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\advancedexportpdf\advancedexportpdf.data	Qt Binary Resource file	A2503BF64C81C74B0F2960BD3297E247	DEE022D942A3BBE8364F5162DC7940A43B9347EE	F1C52A3973A6CDB068B45ED27B990B9C20E537AF85B04DF871912E74B71D4FFC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\chrome_100_percent.pak	data	E26D7077E90A58913B2CE2AA3B23C6F6	C04D6376B27C5570E15C326C88B235E4ECDED08A	E3102A505E8A56CF79FAA0154F8C57D542FC574D817DAAD46F08CA752E4207BE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\chrome_200_percent.pak	data	A748A8ACFA4239FC7B99062FB8CB6AF9	C0FB55CDDE2131E5B6DBF5D148DE364FFE0FA7ED	3FB5F53E45EB516D1A04CCAF1CB817663B2BDEE15CCA659279BD45DE092CB463
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\icudtl.dat	data	6690F2B2384E1BF8961FDA96A4D07691	111F6DD9833C653908431621FE8FBC87F1135632	CB73D42D36839708013393AD0E4E932FDDA9A1ACDA9275ECDBE74FE89EEA8366
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\locales\en-GB.pak	data	8E601B65320A3E12EF62C5D8716C9E50	0921B2AAFBA4E92A23F593308CE8F3EE05593DB8	7A69DA86E706073FAB3466B1816DFE1D5C34D31FF06DB39D38AB891650C46600
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\locales\en-US.pak	data	B64D628DBA84684B5400AB325214F375	1C3E76F3C8AA63C455F57E7252616A445D6B8544	D6C5212935ED76AECCE38504B9B10B065D877D688C574B77AE7141556952582B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\resources.pak	data	D462C1F11A83F8238932263AD0295871	380C4E99BE230EE8AF2FE5D699F06F51B54E9E13	A952F0EFDA0B98C63913035AB893F850A70E037E5578D8D8C4BF0D02AF058F74
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\snapshot_blob.bin	data	16022C5F08EC6FCB7A59A52BCE177230	4F51B56F1FF50600A7D85007E4D6914F00DBF9E4	902DDA108D4FBFCFD1CC50F34D63FC9250F9B44FCFB1B5EF035060B30AB353C8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\cef\v8_context_snapshot.bin	data	DBA736867E69ED2CF68E4BA256AE3B80	7D4EAFD8F828C4E82C6E3D1127CD569D64E2CB64	7E87D03714EAB570444A6C9C7056EC39B470CFBB2C631BF1BACA197BFD35F760
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\mui\default\icons.data	Qt Binary Resource file	803D8A57BA2DB0C6CB8FBC03707F3A4A	CD1B47F0C4E1957ED7052A2C5CF9E0A197D47BFF	A5630F18C30DD0D52BFB5A273F9717D2D41049C3B9C5AD5CAA78E981B4DD136B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\mui\default\icons_svg.data	Qt Binary Resource file	359A17516324E6F8623128328C782E5C	9BF074CE064585A43614954445968131EE288016	C57CA7DB9FD80D9864A4ED97AFB9B8D8F440A7AA1655665E16DBE50ED7054C0F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\mui\default\icons_svg_xa.data	Qt Binary Resource file	FE5D84610B757AEAE90D944D662AFF46	D8363D3F2BF5DF2DF1432A2CAE7846824A675F51	DBAE7E9FAB4B63017387BCECDC324F061966863795188634C52457DD5A8CA462
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\mui\default\scenebeautify.data	Qt Binary Resource file	85A7A61CDFC0C9CD534FA4D07E2C4DAC	579480570E863300D7737F178DE5F3CCACE2674B	6B3E8907644D4C3CA278552FE5652930080D74AA827B8DC6D99E35877C872AA4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\mui\default\waitingwidgets.data	Qt Binary Resource file	BFD0BA352B244F2A722E2039C52D5CEF	3C063D06BE2C72D6859888E96777B986CF7A4033	2E0695E950470871B3D24FE7C55EE2B79C584951BFF135122AB9BB1F7445AE44
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\mui\default\web_beautifywpp.data	Qt Binary Resource file	6A1A73B7F8D4D43BEEBE15F35CC2A0D0	A0DF78E1C7C04A6831BD3E090B5B3C1C4919AB72	5E3F84156DB696D82A2D9A1F949B6BB18DBEE9902CC172F80E035CB66D712ADC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\changetheme\css\app.css	ASCII text, with very long lines (7226)	CAFF9D6E5BBE3F9DA69B5F637BC90615	2089BA8CA2A21C30D9BA2DAF94343718914B7850	DA26A02769748F13D1F05577906A7E538E343EDA69B35FD427A0DF04262ABD48
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\changetheme\images\loading-24.gif	GIF image data, version 89a, 48 x 48	AF8CA230CB4838B21FB91A3C0A877647	E163EFE2DDA9B5D3D0380329894E1F447B77E371	D2554EBD9993C1226475756B888EE6B48BD85607940ECAA7D4407E965B8E1E79
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\common\img\waiting-64.gif	GIF image data, version 89a, 64 x 64	8B4F1EB73AD33E324CD8279AF5E63384	6C998A2AE19C7117F8FAF48F21BD6C5E98A2E903	B5D98D8529D9BE1DFF580E45E18B83FCCEFB0D740204E585F7149C4948B3EA73
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\common\template_download.html	HTML document, Unicode text, UTF-8 text, with very long lines (357)	0F9FBFB69EE37B7DF8745D7459867D6D	469B98867C3759E55B6BE1557D1C4E5D2FB1EB8D	A5748A35ACFE0318EA8945913200E934A9BD26ACE0B4999FEDBDD95DFC15F57F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\common\theme_replace_template_download.html	HTML document, Unicode text, UTF-8 text, with very long lines (357)	283159F7F63A9EE13FE5BAEF064A0280	54014019D3B0B98DE440366F6A6D9F7DEE75CB07	F8BED69EA56F33FF076342C66977C506C26676B6AFA59AEB4E958625AE4E2134
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\common\theme_template_download.html	HTML document, Unicode text, UTF-8 text, with very long lines (357)	1472F85DE5AA423596BD353CC72FCA6E	E7C8258FD3277035BAF3498696F041F1A9B47DFD	5C9B9718A7F3DA19C69F6810848E0B8DE8CC2076AE7BDA5E60588E872608BE0F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2018white-brand-color.css	ASCII text, with very long lines (1271), with no line terminators	4341F22258C3A215293B4292A1C0EA6B	674D06AFCBD18E5480828B39CB13F9F9FCE904AC	40403B698068A83D0EE2FDC61314D4BABAAA577C4CEBA2B17EB1C69A84985AD9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2018white-dark-brand.css	ASCII text, with very long lines (1328), with no line terminators	BF9B587736778844EEB45E43E73ADCAD	9D27FCC9EF985DF2B835EC9C0A353753D57E1867	45D33BACBCA974BE498BEAF99E2530DD289F958B6F5BA29533D8048CF390FB99
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2018white-dark-theme-dark.css	ASCII text, with very long lines (9479), with no line terminators	9FB8C3631E150DA7538D814AE3396953	46EC3D329ED1F46791DCC79ACB2D04C25C3F170F	37FEC597D91093F6471335448C8A74F2BE2303B7E8EBDBAAA6E50DFB8ABF574F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2018white-dark-wps2kd.css	ASCII text, with very long lines (7840), with no line terminators	CBA51C979EDA6204DB4B68444AA0906E	9B35589F21EB7643933F4DBBE4FA4A00C42ED237	617236332F28DAB7FE421FA259C785F8408AF81FFCC6B329A178D19706B20039
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2018white-dark.css	ASCII text, with very long lines (575), with no line terminators	F4DFD34A20EA8DD712AC8B5EBAEC0F05	1E1241677295A115CA5DD84077E1E329AD384600	6B22D6C410C2FD001B386966E1EA6F50236CE95B6D814BF5A539935A91F45B96
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2018white-default.css	Unicode text, UTF-8 text, with very long lines (12853), with no line terminators	788B5E7C1C00C594D187B189C1AFA67E	BD98D1EC4BC84E055EC8DF0CFDFADBF649771C51	5FF7E940713EFA3852849D2E40DC241F70A611FAC3AA9A437D5A3E35213C5826
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2018white-white.css	ASCII text, with very long lines (508), with no line terminators	860437EE6F02B712B716C12C0D906EF5	B9102617D2C69F0F2D0CBDC0EC94CDEE26E45A31	21546FA973A8BABE0E062371AD1C10FC275374C93C2A0BE301549C644ABBBFB6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2019dark-comfort-brand.css	ASCII text, with very long lines (1367), with no line terminators	91CE6A4B37B1E5DC9A925F44D01309FA	FF6523DF0340743D16424A6678071B050F146332	65B5DA5A1D10562EDE4953D327D378BC702AF3F179FF5C0C86E0E54B0D358018
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2019dark-comfort.css	ASCII text, with very long lines (753), with no line terminators	B05157B2280F10F62B0D367A48A272EA	9ACEA1A4562FACF5FF242E649B5F4E55DF96939D	14C8F04164AB45DC055EA75E880726FDF6DAD4527CA856A54CA92338683A0397
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2019dark-comfortable.css	ASCII text, with very long lines (9704), with no line terminators	0763D4362A16D8294E003D67EF11A0BC	7BD2773E4E26C52A59D4E8C6098E8EEDA773E45D	E266618C044DB0B9E327D480AEFDF451F97CF97F5DDF4C490ED3F55387BAE4C2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2019dark-wps2kd.css	ASCII text, with very long lines (7226), with no line terminators	D8D4EF700FA521CE01C63ADBBE308AFB	EC48B9ED2E07AEDB168C5B0EE768422E42B0798C	7D4FE6573A7E9A21061D0A2B1F5B586DCF990A41D1BB69B0EC96BF75CE96DB7D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2019greeny-green-brand.css	ASCII text, with very long lines (447), with no line terminators	97BC301837F73A4230FFADEC1F30823D	D905EC524BEA4E22834220772593FB08B519B0F8	983E3BDABE0FF1CED5CD9B3BD5682F4EA61D5DAF184F0A5692A57B34D41FC3C1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2019greeny-green.css	ASCII text, with very long lines (746), with no line terminators	E025E0D36BD663C7A918AAED247F753E	AD0A65B6EFD1DD574923FEBC7CB83A6A082D77D3	6CF49FF1EDC4219CC1A632C2666896887274B926412D2E7AEC238B8E23343144
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2019greeny-theme-green.css	ASCII text, with very long lines (9681), with no line terminators	D9276279BD9A5CD5E47178BC7229515E	C50AED608EF3E2E970AB5A9609216758458CF186	96A088660FF61E4C448DF4B577F614D86603C9BB3F06BE8B112CAB00056CE181
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2020platinum-svip-brand.css	ASCII text, with very long lines (1317), with no line terminators	767146E390BC78857D4D0E61C48D5A3C	68462FA36549B471554B1A8EDBE84C244331E9B8	40FE700B84B8275872C7E238E759B0D1E6F2E3F594A59EE77E7D4A3C362EFAB9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2020platinum-svip.css	ASCII text, with very long lines (742), with no line terminators	49DED35DD8AF338F03603490F05B8853	55C8E63683F6751D27B20D592CFA8244A0F75F07	9FFACCB76DFF05C25FB092ABC3BED4F8B8B4279EFB6A3A8F3E6BB04AF32FB4BA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2020platinum-vip.css	ASCII text, with very long lines (9670), with no line terminators	769088C645093317948A18862510AC32	1F430FE9AACFC87A88B8DE6D62764E1BA244AD36	6797149E410F594FF49976CD5A7D2DBDBE9F62D6815976350BD5EE334F4950C0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2023white-nostalgia-classic-brand.css	ASCII text, with very long lines (1351), with no line terminators	DDDD15D1353520A00D8FF40DDC954044	9846E0C846B78E0F47E9F10CC459F187216B60E5	FBD47B7568EBE08E120F721EACD633ABE448C6A050223E3DB2D856A9994AA36D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2023white-nostalgia-classic.css	ASCII text, with very long lines (745), with no line terminators	F9294FE2BEE73421D18F675AC73AF88A	DC30623A41E9C6F722AE02B9FB8708D37D9CB3AC	394B579FD0942A0ED280F18F3A8CD9B51D36DDE2D83D702F9EDC45D0C4D975B7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\2023white-nostalgia-theme-classic.css	ASCII text, with very long lines (9704), with no line terminators	BEA25C60CF88DD59F024FBA088714C34	BDA8FB408B5775067DC5D369B7F155C0F9901951	9F6FFB54E892F47825B3DE0999A7BC1805252F85381208ED78D6803B01E1FEBA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\DialogPreview.css	ASCII text, with very long lines (4915), with no line terminators	72A6ACEC3D9D5D35E4F070CA3002000A	6EF0B49B93C23F9E6715548977BAE07561776969	A1703AFCF9387FB93395892ECD1BCC73E499F85F68EBF42338E589E3373B8E1D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\app.css	ASCII text, with very long lines (18649), with no line terminators	D09BE2BAC6FAC3BCE3CBB475A04B0254	4BCFA60FF48CE36D210FB1B048FA683B1FECA00C	D00C4AE010DF092F78459E47DC74773D380050A3148935723FBB859853509557
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\chunk-vendors.css	ASCII text, with very long lines (22098), with no line terminators	6BA93295BF3B1508A9876C347792BF9D	CF7F9A03C35A2D2A865ED9913E58170B5C231617	4CFA664117ABC28DE260629EC320C56AC6F1221805463CFAD3738410434EDA4C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\css\docer-npm.css	Unicode text, UTF-8 text, with very long lines (61084), with no line terminators	CF10DC65B1FC2627E752FF2EC68E025E	BAE6EB32585699E908C73AE722D6A5904A611B29	89361855E842F0DE9B94AD1670179883AC8B2922D3C1D61BA6D75BCF19FBE9F6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\newslide\version	ASCII text, with no line terminators	FF74A61CA2475A23A69814422EED6FA8	6D91CD868F6DBDA556E9C4E527B063C5915D9B4E	862BBE4E8F48BBCDFFF3AB791DABF00F0B328262301FBE30328C3C4DF4B2255B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\preview\css\app.css	Unicode text, UTF-8 text, with very long lines (65528), with no line terminators	4ABA9CA8612DC7AC9D980CF03DA615B6	B315CA20AB9FD12E7108DEF3F2ADDB1CADA5AA8C	F41C3DFB726C788FD032B5010E586030B212EA17D75ABF8C38298AFB6E8BAC39
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\change-diagram.css	ASCII text, with very long lines (789), with no line terminators	4D728CC2273D9C28FC2A9E045C3D7240	CDA7C4082EBD3C2EF72D865A9EB0A23C2C1C1588	39084C749A7C88FEA18BF0C325879AA6ED09C07046BF4EE006A7D2012191F8E8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\chunk-vendors.css	Unicode text, UTF-8 text, with very long lines (65528), with no line terminators	B2951722CE6CFAB732A4CBC97ACA1DF5	1B324DB9C99F773FB0E2126FB85E1663E8938281	11719EE0FAB1D97DF57D0E096DBBE2436EB3670A04220E147350F6592FA41C0E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\color.css	ASCII text, with no line terminators	F8567A6ACD5A5C04FE321B2334A560EC	6B84FCD082B1451C3BE92C608824E21A63A7AFBF	E2CE262F7B0C239FD6E7FA6582D7CC59FA41FBE66118FAAE522A6F9C73A31AE4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\feature.css	ASCII text, with very long lines (8256), with no line terminators	F5037E5F9FE87F04D7B429A0B4B772F1	2A7C990D8BC0D829AFA3B691C71FA20BDEBB5A45	9B62FF06BB9FBFB146A563B0F00022FD336D63A3436F8AB1D0F763F4A968C17E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\index.css	ASCII text, with very long lines (38179), with no line terminators	C5532045E885F4E36FBB10B082D7DED0	1BEA4A2D8BA2EFBC92FCE61B93CE51E5E1134EFD	3DCA7A07C34B2864197C409B65A54DF5341CE0CD17CCABBAD2E576AD5E20A533
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\pocketShape.css	ASCII text, with no line terminators	656AF49201C6EF46F90A8EC469181C3C	0062247A39641A47663D349C86411DCAA22C3AE4	4F13B715FB0B79847A76A68AEA3C1010C70D6009A6A29C6E8C657A07B9380210
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\shortcut.css	ASCII text, with no line terminators	3F8A54D7BE6EEF07EC7C534262EC1280	BE434F0114F03E11A167C684959554AFEC46FCC6	BCA2C87408734670DB326173551575438F0B1A5C5F77DFA0136A5CD1FBFE20DC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\css\wps-shortcut.css	ASCII text, with very long lines (1952), with no line terminators	E437509B33645B7AFD236CF466EA79F8	D803D7EA2915D3B17034D2AEC65521F327658027	2EBA3A110585257D3E2B444E2A0A6EBFF4BEA82D8536C56DEA8A85438521B148
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\img\img-loading.gif	GIF image data, version 89a, 30 x 30	75B9DAFE347FFFA407DAD9977635E79F	EAE714809E6E1319C40A47D2004209D446277E4E	419DC1CFDA17D796EDDB9EC08221BA69C8BF992C40C2E74F957962500663DBF4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\img\render-loading.gif	GIF image data, version 89a, 48 x 48	5A0DB1F22285D3CD007D346A825E8D89	4E2459789C393678C8A427C48F6831591A9FF79D	1A799B7B0AE1F423D0E7A6CCFD03EAB10B63F8A5204EC7B3ED7FACAB780F752D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kaiwpp\res\smartdiagram\version	ASCII text, with no line terminators	7CF00F84E0AF4A39D37D5ABCB6DB8AC3	081F58BE59DE9D5CB708BE0F918C48BD22095E0A	FCAD1DCA7A384995AC0850FA7761B2D40FAE4FA3370E7A7F135DA915143A7126
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kappessframework\mui\default\kappframework.data	Qt Binary Resource file	33AFE244E5DF0D2D286523095DF86EE8	5875827E43677824CCFE5B2B3A057D59E7CE83EC	04B3B0E0962E41A39A6D9D87EE1C60F5B285B7044C3FCC9718771B79653C04DC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kappessframework\mui\default\theme\res\2018white_dark\2018white_dark.data	Qt Binary Resource file	E1A3CBB6E321D1A7BCB35DB1C54D2367	6A3401E030394315EFC41EE62E7849936BF4C1ED	11B5A99DB8AE0B20B03E9244AA54DC77F38EE0A3AD5C97345C10EB548FE298CC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kapplist\mui\default\html\kappcustomwidget\static\css\app.css	ASCII text, with very long lines (6551), with no line terminators	FC1FE1D1A8AF24EFE5EDBDF3C6DB9258	451EA7B538403B5293C03AF1D55D6C5A5C5C5D70	8DC3CB23B56C0D0597EEA38FDE10E31487C5DC43CA8C9010BAB42DB5E595CF33
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kassistpdf\mui\default\html\css\app.css	ASCII text, with very long lines (4229), with no line terminators	D7CC374844FD14252CF8697D49691F58	E01647E8181C22B20D37F14D881333E2F1674BC7	555B26C51F170A20C24C32B904262ED4B8E951A77A6E6F18EDF47631837A501B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kassistpdf\mui\default\html\img\clear.svg	SVG Scalable Vector Graphics image	F59DE100B0E3B8EB7CFAADE46B95A4C7	9F4EF4FAE08A1AB8F43B1403E568D845961C4A81	87219E926C4A7DF1422AE47802CC0E36C80E47949304EA8812AEF3321BC20CD1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kassistpdf\mui\default\html\img\close.svg	SVG Scalable Vector Graphics image	AC767E57B7A8BD0CED6CA87CEEB539E6	5B718459E9F86654A81109103B58AC054E4A7612	E876EBF320233109C033EA12A3FD3CFD8118F3CA4679A698BD078B236169C3E3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kassistpdf\mui\default\html\img\feedback.svg	SVG Scalable Vector Graphics image	0D435C174E482A4ACB0FDA14F7456680	B004ECFE301B1F85114A8800BE696818248E2354	A08BDC5CF5B168440816E3529247D9AA0AADA15529BA4AC495B8D6AC5FB11F92
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcloudfiledialog\mui\default\icons_svg.data	Qt Binary Resource file	9CCE21738F27A709944E8C85227E9435	B6E49E6011DC7FFFF8EB8E73C54B73A91DDE8D39	D12A12E66890F2A2DD8F99B0B68B74E513F15A722AC023F4123880CF571C61BD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcloudfiledialog\mui\default\theme\res\2018white_dark\2018white_dark.data	Qt Binary Resource file	D75CEBFF06192CE78D74A48CE980CAF9	A670BDFFF5409BD3605E901EC1C91A6789A83C38	B6EBE81253C1321EA721C56B1AB22BC31207394BCC0018932A19105E43B25469
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcloudfiledialog\mui\ja_JP\kcloudfiledialog.qm	Qt Translation file	81ACE9FD6E1816B9636CD06D83BF56A3	4422B669B4948B41FA8E23AD4269460D0B55F2F5	25EEA0FA9AD2E348728014B50566BA7B96A2270DB0A69490B810D4F7CCAEED39
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcloudfiledialog\mui\pt_BR\kcloudfiledialog.qm	Qt Translation file	B6359F1AEBEB0BA9270AAB22EAAD5928	71BF35417C0C54C449D03F8A470E8B7A52A8FC06	E1888BA3A2FD7AF31B767A85E44FBA2E95B9094C30CA06770BCDF1D26DF71792
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcloudfiledialog\mui\pt_PT\kcloudfiledialog.qm	Qt Translation file	0A9F5E2ED1BDC022FFB98FA33B1BE274	941F67DB4EC8DCC4797140B9A1854510C134E767	EA80C12D5BC7548EB2C79B765C2C162460A8FE8CAEFD649E0AB37CAB54E6C800
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcloudfiledialog\mui\ru_RU\kcloudfiledialog.qm	Qt Translation file	2D3B21BFDF7FD6091B58DED0EE4A6803	36588C3BF29B6E4BC7CB7B5933A1DEB6391A6448	92CEEC9637D3BBAA1E0083841A6B920EA08803CAFDC59CA84A6F1F745128CB0B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcloudfiledialog\mui\th_TH\kcloudfiledialog.qm	Qt Translation file	B8F5C1ED408A85A61FE0FF647CEA6BBC	865C814FB8B6E0C5373E22FF42D953CBEE2EC475	149F9773BFF3543E423EC1C172BFDBC580A39AA708B4FED77E83CD4C2CFB7D63
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentry\mui\default\cfgs_xa.data	Qt Binary Resource file	C39CFA72A2499C79FC612F59D7421B39	716E7FCE7CF5AEA08B30C77B669456166EB8A8AF	FCEA7AF5845BA00FF97ED627BF7E323743ED39D05B2F8DD3A35D9B25E5E12101
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentry\mui\default\icons.data	Qt Binary Resource file	1B85B9FA1F8727035D81F81EE5D1AF97	17DEB6D03765F86CBD7C74BD157B20898224F12E	6621FB8A0E441B585DA85775DBC76CD05CC62CC11F2B51B8CC96A5C4AAF3E644
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentry\mui\zh_CN\kcopilotentry.qm	Qt Translation file	7D269CCB13264C0E66AA82AC8519A0BB	8566D405811DA0AB4652237B85DFDF655FC72428	785082C1707E430A729511A5DC69722BDCD0C0EF2B38936181032D56EEB87233
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\default\icons_svg.data	Qt Binary Resource file	5A8D0F74234071EB336C2CE144B2CEE5	8C8668FC88205C3527679A611D1FC1A1037592F6	3C2EF44A98455E1953932CE05D50D0D8582A06B293D50F92A2351BE453DD5CB0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\en_US\kcopilotentrylite.qm	Qt Translation file	E3637CDB4FAC235C24253887F31C4F15	6FF48C63C7BF51271812664C3720831327888190	2A4552131E932EE7ED49A929BA0A145E6BE207D2191C3F0051242A8FBA835439
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\es_ES\kcopilotentrylite.qm	Qt Translation file	241E4316637E88B175F5740BDEF2F957	7C75844DB735B77B1D0FF927FAC6D3DFBAFC7136	2C57A575525102D850BBFA077B34D7803FA45754F9F28A19A8E778860BA54CAC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\id_ID\kcopilotentrylite.qm	Qt Translation file	6CEA0532964550B19C1169C16EF82AEB	74864B18CF40DB2F5F62A32E30781944002D5AB2	FCB395E59DD2A0B28C882CC577FBA29787D86F8CBF05DA825F12842CA9C9CF4F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\ja_JP\kcopilotentrylite.qm	Qt Translation file	19B5CFA01EE744EF18F1B5182E5A4889	DFCF500E449D13013664B9A9691C645BE4EE375E	740B449C18715448A0D09B75DB72F7C299865F317BFDCFB534E78961CB2345B7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\pt_BR\kcopilotentrylite.qm	Qt Translation file	2B42BE10DDDE43A0B6C2E461BEAE293A	53888C4798BC04FDFC5A266587B8DC1C4E0103F3	984EBEEF80F6F50907AFB92E5B5AE72DF49FCE045552C118A77A8887CC98E19B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\pt_PT\kcopilotentrylite.qm	Qt Translation file	EF980E763E4122571C1E8746CB3549D7	0A3870857B4F5DF4DC182ED48A7572537E5CE875	92DE46BBBEF83C0885948B781B600DB71A762AEA57A89D2CB6729C0EB7524537
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\ru_RU\kcopilotentrylite.qm	Qt Translation file	CD37A43FEB59AB79BCE7D1131C72AEE8	8E371639A0CBA498924C06CF1439650713A2141C	7B54453098AA1925D08868503D34C7D5B60E77B6C5C507731C9CE46925275287
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kcopilotentrylite\mui\th_TH\kcopilotentrylite.qm	Qt Translation file	A1D818D8B70DBD2E31CB09692B1763AB	9EB2974E0D7CCE97EDE5CB33BBB0138443AC8406	ABEBFABDB2E9AF6EB19CE0188632405AE803908B39482AC211A100FD38209399
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kdcsdk\white_list.data	JSON data	C2DF74F1DC43A474B54BA90AACA7DFA4	83EF90323B92619CDB3F1580F2874A4C07DA8AD5	3BE77F021985843E36FB8D9422610191B67F14CD2F6AA61D8B245C494B445470
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kdns\cfg\gipl.dat	ASCII text, with CRLF line terminators	BBCFABBD9894A90E776EC47F8624CBC9	3F5C8FAF3D44413FF8640ABC3F316187F89854E7	C966EDBA84D6E9E41DC48B100D9E5564F858AF0FA4A30E5A086D4CBD023D82AB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kextensionmgr\black_list.data	data	BF11A3BFDD7DCA02C3298D5F904F5BF6	EA063672193690451F1BA65B1936E3E3733651C6	D57033FB1216E082B8D23F6AB2E3FE3BE590B9E521A002EBBDC085C964574A8E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kfeedback\mui\default\resource\kfeedback.data	Qt Binary Resource file	B4408D67519FEF04DC81449486B46E04	04174F99E60A41E627A82BE19CA0F1D060FE4C5C	919AE98381FADDD3600002013276E5FD6FE35720CB850F144D9912FD5C511F92
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kfeedback\mui\html\css\dlgclient.css	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	6BE2267298FE2F815977E73D22E88CB3	F8C53E6E654E0AF708F5CEACB01A9B5CDD673B04	630C8F9C871CE81F46D03C5CCD2F36A134C0C34FC4F3BA2F292EA4E18518DA18
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kfeedback\mui\html\icon\loading-gif.gif	GIF image data, version 89a, 36 x 24	E88D39A1C7A65784A3E3C794C2BE74CE	7E5069338E4209C5E1B0B365413BCBCB4B4EB983	2BD3242477B3CB3EAF5CE87A5E8C83624C08F1B17DAC116E6B79BAF9B18F5B3E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kfeedback\mui\pt_BR\kfeedback.qm	Qt Translation file	52998978A941DFE5F71E06FFD83DBEC3	6EDB3F16DA918499B739AECFA3B55AF64767515E	7B1E3F406EBF4F0999B85CB0C28F9422CBB7D2D916662C0CDB054BCC8696884F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kfeedback\mui\pt_PT\kfeedback.qm	Qt Translation file	52998978A941DFE5F71E06FFD83DBEC3	6EDB3F16DA918499B739AECFA3B55AF64767515E	7B1E3F406EBF4F0999B85CB0C28F9422CBB7D2D916662C0CDB054BCC8696884F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kfileassociateguide\mui\default\icons_svg.data	Qt Binary Resource file	5A1EC2D91807505655F959DF84C58E0F	A3E06FF9857851428B6B0D4284EA2930A75F7266	B8C593CD2573CF7E4BCF90373A83EE18B40C301843C3ABF0940FBFF66B781717
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidegopremium_xa\mui\default\icons_svg.data	Qt Binary Resource file	5A1EC2D91807505655F959DF84C58E0F	A3E06FF9857851428B6B0D4284EA2930A75F7266	B8C593CD2573CF7E4BCF90373A83EE18B40C301843C3ABF0940FBFF66B781717
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\css\app.css	ASCII text, with very long lines (440), with no line terminators	82ED3803FE588612414785FEEE1CB679	6AAAD59F8333972C0542722DA918C1921EFEAC2B	72BE8BC995AB7BA18A0D06EFB7B796D6106C2C75AB2FBA6FA936D3346C9AA239
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\css\chunk-6f3fa244.css	ASCII text, with very long lines (3931), with no line terminators	5DC22477D55658FFD971858A095053AE	5D8A5C178795ED464978EB1BEEC7F2E67EB441EF	DEF95FF18D6D836FBDA7285C8E588EE81C944DF784E287A0CFDC315D347CA800
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\css\guidePay.css	ASCII text, with very long lines (7193), with no line terminators	E319F8D7B0085DF9AC206041CFB85395	766306B38053AE35001DD436E1514E5DC04782DD	151DEA83117A05D033293ECA9B441FD729886B4ACEB74FDE01354C5877A49E77
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\ai_parallel_translate.png	PNG image data, 1080 x 624, 8-bit colormap, non-interlaced	A4B1DAE7E9FE6775B7C69CD3F9220DEA	E7145177046A4D896A6DEEEDD1DBCEEDB7F6CD95	3108B2F18368B7A06D64E66DD0C965124FC987A4F05D10FB8C098C020D2C743B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\ai_photos.png	PNG image data, 1080 x 624, 8-bit colormap, non-interlaced	A6BD9D24A4F1EA14FD16EB8EB2AEBDF1	D55A3DE9D1E87E01D207E7DDACE3C7D2AB821EEC	AC21061881346EE9866C9659369CFF246E667BF1F8D2D8FDC82AD2E0BE96149C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\ai_slides_premium.png	PNG image data, 1080 x 624, 8-bit colormap, non-interlaced	485CD0724AABE000088E92BBDE3C457D	B94DE1186B69E5E190500564B069726045AE1D35	3C760C00F0345ED954E5BE0A0DD2B50E964A7372768FB0748401A6D2893608FE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-ai.svg	SVG Scalable Vector Graphics image	FAD436DBF1A52BE40F0E2BBE724BD62D	F9F205DE8B48FC8AF42F373A4645DB591EC9B3F2	54D0A1935E7498FCF29C58383AB4EDEABA8E6239A106DE9F7C721FAD24AED497
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-close.svg	SVG Scalable Vector Graphics image	B9E3DB8EFDAFD746A07B119FB66B93D0	C1DD8DDB41DC14CF61E1C52A12519297B79F0C99	3FA9BD1F34E40BC64A77362A0F01A310A426C0F0DC96EDC25A0D5214224C666F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-cloud.svg	SVG Scalable Vector Graphics image	7BB158F65E574DB12A8091F2FD5661E0	6508D44F99DFCF1F0FCD1397CFFE1145CBF98737	B818513DA694A08E11C899933D505FD02FCE08D3CDB642DEC808B0FE2D29A985
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-costs.svg	SVG Scalable Vector Graphics image	AB6697EFEDF50B60A7C9E288F0A8C054	2DC46F7014BAD2214E3EB5607A680367D4A44D6F	5F887505E1800CA7508A36929D249DFE849753D603A06DB92E5FB0017AD166AB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-discount.svg	SVG Scalable Vector Graphics image	0387D7F4EA6B8F101F982196F2EFD60D	744FA3A44D1FBF1FB4B0FED8C373FB36DF2069AF	46522D41F35378D45D547BABC6B9D5E7BF54409FB4E67550E949DDA6570BDDB3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-down.svg	SVG Scalable Vector Graphics image	1C27F3859B8381D7B2765464844804CF	E428E17B8E0B55050D691CDD91E3BB56B383562E	7D73E10BF5A9AAD71E337D2FF23BD5E74662C3B10872BABD89D21A5F405A24CB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-flash.svg	SVG Scalable Vector Graphics image	BE0142FBF6DD07F0C3C342E924B0308E	58DAE85D15B7342D8A249F605FBBF76D986D69E9	659D3BE5C74215437BF7921A89FD5E677E65BAC8795E4F1B274083B1ED082A14
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-multi.svg	SVG Scalable Vector Graphics image	8BDAF5F69E8844F35A6342E3FF777A11	28DCDFCB65B485E33D59F6ABB324261A5ABDAEA8	E651803FD734E42921ACDFB87FD99DB41306AE8E1D736BBF751C09A725B706AB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-new.svg	SVG Scalable Vector Graphics image	D4E5D01B288ADF98EF054B328EE6CD07	5A07DF28F29D881B4D2FB6C74392A02CB6581981	CCC09AE726256C127CD020D1AB3182F3C42D6EC740BD96ABE222F12DB67CBAE2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-next.svg	SVG Scalable Vector Graphics image	4D58FED3BA17E2497BE73C060000A0EB	FF0A9D6B652C3074EC47BD15E3088E8B87900C59	3E2039AF642EE8AEFA9AEA8E345E39F76655D82AFE05600307639DB2431AC070
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-ocr.svg	SVG Scalable Vector Graphics image	C9CE8124491AC0C62D08EE60620656FB	A001E2FB7F417130198447F7B9E3FF971F37831D	0D1FDA1FE751BA37D7F61A6CB64D9FC59AA3E348FDB8C48DAC0667C260213DD2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-pdf-conver.svg	SVG Scalable Vector Graphics image	B168C2D4B36E6D28EDB899CD46720779	517253A2116D1F6654E2739EC9C8A3C3CBCF67F4	97FFB3BB9AA963C2CD6BE1FCD82B15D972B6337F50A5F9B4D279D96DA65B4F2C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-pdf-edit.svg	SVG Scalable Vector Graphics image	901A158ED37FC35ED90DA7A0879CE0CE	B70BF91E16D55848935ABC8864CA711A51800402	AA15A9F17D0BE73CE3A14265A903B60EBBADC6C4C1272D22019210B33CB5A23D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-screen.svg	SVG Scalable Vector Graphics image	18A08AF3C897C963A1B5F65BE94D0F0D	0917609DCDD25099BF092D325600E4702CDB7836	E820A4BDC5FAF54FD7A57DD8D9800F8CE734D2AA487739008879BEE13A440523
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-setting.svg	SVG Scalable Vector Graphics image	5DB6041EDD9AA8ADE03E710EE18005D3	8AD81A0010B3E85A8B23E62A67915EE7E0558BF6	F1957B76AF90F8AE1BBE68169BC24884A1CEC0CA3979D55C389950CADE1FA9B9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-stable.svg	SVG Scalable Vector Graphics image	FBDF8048BDCFA06F1748120CA970FF3F	D32A66E6CC89D1FF92F4C68F0147E437E7519A2B	3A09F4F60FCB8D7E50AF21BA7160BF970DD83C3FC5966C92929B96CD05038712
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\icon-template.svg	SVG Scalable Vector Graphics image	96AE40448F5AE73CF286FEED838F2D31	4FACB2AACCD8666C87BCCAC943CF0E01F07451CE	75739606F55E365759D4B11BECB8DEB68F32C694650D40E03C12B63ECAD5F80F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\html\img\loading.svg	SVG Scalable Vector Graphics image	544223E85768FD134633A1AF9D5BF536	5536A0023DDBFB2AB67E9AD8CA4D38C60F413B9A	A3DF9710C7E09FD8CFFC14BFE45F5A1576DEB1846CED44E5050B34CAF5527049
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\icons_svg.data	Qt Binary Resource file	5A1EC2D91807505655F959DF84C58E0F	A3E06FF9857851428B6B0D4284EA2930A75F7266	B8C593CD2573CF7E4BCF90373A83EE18B40C301843C3ABF0940FBFF66B781717
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\shortlink\css\app.css	ASCII text, with very long lines (1029), with no line terminators	83A68C2C85C5F145ECAA9413C88691B6	D1A020800BEF51B4D43C676C0E88EBAFEB9C8D1B	A8C3BD7978E4A42EF7D926C3CAF2365847E92ABB091E7C11ED36614138C5730C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\shortlink\css\homePage.css	ASCII text, with very long lines (580), with no line terminators	E2C45FCD2C69DF9F496B2BBB22C6D48E	84AFCC60B11CEA137A017AD0AE114E9E32527619	BA665F18D5D56CD4F1D8019A7DE6C5EAEA80536A42F94CF3446FEF497BA30069
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\shortlink\css\multiPage.css	ASCII text, with very long lines (2462), with no line terminators	C7740E680AE5B57982D15AB38E10AFDB	526AB869FEA8E88FF8231C2B866A0C73DC7D0E38	961AB1402D1A5746B2394B7E032C6BA9A3DB6C7BCF531DCBB5202A37A8F0E2F9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\shortlink\img\icon-close.svg	SVG Scalable Vector Graphics image	443AD49F8D1FA9E366534B547C321CC1	0D6BE081CA866642FC0807D1C1F661FDEAA7A580	C4BCD8B8845597087720FD45EC897B059C14D7D334D6AC2E24D896FD74C39EC1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kguidestartuppane_xa\mui\default\shortlink\img\loading.gif	GIF image data, version 89a, 720 x 562	C1F84A35BAB3B188F418AC182A4C1925	1CFED637D9B8C29AAF283C4CC9C3A7AD5C473D54	82D8414B3B6CC2EEC424BB3467A0E2D5C7B29BD98051E2ADC4C86B071C2059B2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kheaderupgradenotice\res\static\css\app.css	ASCII text, with very long lines (8994), with no line terminators	6DD627056AB7C6538468942102F2ED76	C92107B689689A9186F4B12FA9D362F636F64F28	BCA331AC236EBEB6923E5F5A5FF71BED6428C8C4EB44EECAA871A7210FA97245
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\khelp\mui\default\khelp.data	Qt Binary Resource file	D0D4CDF42B240BB0CD2CD68EBB7E5693	F51AF020293472D50CB9D304472CE06C7E3F51FB	D8C730118482F9385B2902A84A1797844DE80FB1786DE3F12C78092A319E366F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\khyperion\mui\default\khyperion.data	Qt Binary Resource file	0BB9F030C02B0848A721CF9E255264F4	C20B6CF827828C203DA7E323AC58B11EBC96C400	66A61A9667D70B79EDEE1A2761C54E02562DB7945F77D5DAD450F02468FC21B5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\khyperion\mui\default\subtheme\res\2018white_dark\2018white_dark.data	Qt Binary Resource file	CC0565921ADE4897D56DD19DB103B97F	161DA191621A975DE553EA156A14BBF4509A7A5D	9939FDD73A4FCE783F5C2C8F2D96D15411102EE2A1B9DE25A5060636C460B318
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\khyperion\mui\default\subtheme\res\2020platinum\2020platinum.data	Qt Binary Resource file	72EE47859C13321B88CA58D13C9EC5F6	F6CAD4B7C33210D92B37FD71C4A3E0DA982EDC57	B14872E177BE71E07ED0FFA68D4DDB7992D2BE764DFBF5726DB6F07B3E94325F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knetwork\rpclimit.cfg	Generic INItialization configuration [getUserInfo]	1FC0A30A18FC9E0EEA5B36356F633A1C	4ECE92F2EBF8B1F68F1E838D3E24EE2AE0B4F1D2	C9B61843D2A685A9E70CB5569768A7D7AA1278A03D50009444A003DED87A46B3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\mui\default\icons_svg.data	Qt Binary Resource file	98B45802B12AFEFA01335FEAFDD2D621	C40259CD8DF1124953001B76F743D68541B3BE69	15CEA5575B61AE0D5FE1BF22702575F5BEC188F82ECD1AAD454159FE5B590371
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\css\app.css	ASCII text, with very long lines (38859), with no line terminators	A092BBCCEAA75338B349C357CF456692	B3011843F394ABFF5DACA98E90E39002D5AE3DB3	63920F396A55D8E4367D04554D1EE19BBC8B6C33C017162CB47202063C3BA44E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\clear.svg	SVG Scalable Vector Graphics image	A4942B621D041F346D37927A0391F4F7	E196509FFE921890A0774F1B24BBE87C240FD8DC	D26DD251F42CE3A2A4D076CAA8FB9D5B9B2F6DB2FAC019E799CD42CACBFC7517
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\clear_hover.svg	SVG Scalable Vector Graphics image	1B48F81507D181318DFFD67E7EA045B4	6BEC8007438387028B28C347A312BBCBC26748CF	9FE6C864DB05F8A5377C01F9A11FB1223AC6F1C967636555CA9831823671F8D9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\clear_press.svg	SVG Scalable Vector Graphics image	1B48F81507D181318DFFD67E7EA045B4	6BEC8007438387028B28C347A312BBCBC26748CF	9FE6C864DB05F8A5377C01F9A11FB1223AC6F1C967636555CA9831823671F8D9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\close.svg	SVG Scalable Vector Graphics image	841FA1F1704D011FBBBFECEAB77B1CF4	F78C14C02528AAFF6EBB0A3D37E9A75401DEAA6F	7B7CF3863688D213933C17A42A12DBF1F39ED11C38B87B6981308069CF39E473
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\create_blank.svg	SVG Scalable Vector Graphics image	7BF6783F95D16BFD110E4134193EC0EB	7DBEC5322D631BD1606709CCA8D61B9DA001F5D5	C2A0F377E5D65D3CECB20470D96C4BC81002402B9499998B68649A2B0C319A42
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\create_file.svg	SVG Scalable Vector Graphics image	3E12A5473674059D130FEE6CEC80C65C	38AFD99AC831A00626AEB3CD51FF1D49DA24617B	EF017A8DB5B76C123B636BFB400144E3BE1401BB7FED48FB8BEFA974B8866FCD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\create_images.svg	SVG Scalable Vector Graphics image	30AA11FEA48215BF7BD95F89BE437BC1	C233310091394D743A79801B5AD3481BA5D663CA	D12BF41A10DE914CB065CB0C7E6461ACEAE54DBA2168FC4BFF63F598B22DB423
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\create_open.svg	SVG Scalable Vector Graphics image	EBDA2D9D672479EC53CF93096A8A11D3	7A1D3BF054E5F074812EF59B2EC927F135BE465B	D27900D6556A04BBBF29716A2502E4948032220A4C63C4BB789FE0C81C7A81FB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\cry.svg	SVG Scalable Vector Graphics image	BCC80F2F52AA30145DC3227DB7EC1727	D14C6247AF30FA3C0599EC6C15B75AF73ACCEE43	7E0A9C25246115CE3D7D66F43ACF89411FC72E39E96B9953B85F3FF7A345B132
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\docs.svg	SVG Scalable Vector Graphics image	EA2BBB57D7774C3B8269770F17876BFA	55C6946E9B1993936CCFBC3D50102B87977EEFE2	2EA96A649A6BDE1EE99C11409FAE4942F84D4E0D6FFFC7F7D609639393209328
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\download.svg	SVG Scalable Vector Graphics image	E5938A82AB6657DBEA601FA286373AE0	DE706BA8660485B79F5B03EB90BC1CC5C83A2D9C	A7B39AEB45406CF985AC7418A8661FB6C3C2B9A48EEB75760E80B27EA3C2D15C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\favor_active.svg	SVG Scalable Vector Graphics image	869E7972D2404441DF8ACA3455972AAC	B023863F27E516E71162DF19FD1589358C8F88FE	1E7DC395C7C9224FF20BDBD0F3913BCBDFC4ACF10398A3766603DED7ACE55070
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\favor_normal.svg	SVG Scalable Vector Graphics image	CD7028914227205AA8D1E6C394C2E8D3	72BC8B826EC41039E9AE0D8BDE8C71379EABB933	524899DD07B8754997AB3F9E46D7D1B3BA9AE2DE1E95E32EEA6EC77FD0783B0A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_batch_creat_pdf.svg	SVG Scalable Vector Graphics image	17BA16210F7E053F4388AE6F904163A2	BDAA127CDF5F144804C5E9B2253DC16C0BD38AA2	5C10957468B06F5A0621F7269AAB856B89490F14BD0FAE652D1556520ACC90A3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_batch_extract_images.svg	SVG Scalable Vector Graphics image	91AB7B30870D7B4AA1408284748C0F07	C22874EB9C1CE1E3418945CB9C537B1ECA0370DA	CDA8D3A339E2D1B2489675D1BC7734A717343E9620967DC5ADAEFCEE9BD8CFE3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_batch_pdf_convert.svg	SVG Scalable Vector Graphics image	C62AC6AAFDF49596930E5BB66747B312	828AFF86BB72E8D275064A2AED1ED0F60ABDD1F5	ACC845118B6CBB8551586EC1359CB786109E743DECEC643BEA4F0725D195D837
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_batchprint_24.svg	SVG Scalable Vector Graphics image	DBAD4B05E1E1E333D43BE942CD64F939	F3E5FEC95A0B08BD6E9F3700138D21AEBF87EAE2	C73A0B21BE9C6897718C8F1AA2F5C6B1D7CD8C0A264C336B3F3BA0ED85F57358
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_cad2pdf.svg	SVG Scalable Vector Graphics image	7419C017A88026932B1229089C3ABFA0	9F3F08004459EAE0CA38BB83DC748E5255D56080	477650C8482EA6808EEC1705C76F09773CB8AD5723FB266DA572A97384A3E6FD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_compress.svg	SVG Scalable Vector Graphics image	861F2A46D489A3D61D578EC6B1AF9ED9	FC860B6640C733864B97EDDE3FD42E364DC9E94B	A2D1EFDCB760C4583A5D52551D3CCF05A959CEE10D183903AC5127E7BA38DB90
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_fillSign.svg	SVG Scalable Vector Graphics image	B3F681FA4FCA26E00D7D681B2C411173	9D498DFAD10F48866BAB28DC239B86107BBD45C2	E2111759EBDBF39D62C0BB97DCFED08ABAA4164F7D7AD0E3F0A85BCA607E8F5B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_fulledit.svg	SVG Scalable Vector Graphics image	BF2BA952EFA9CF87FD228F64D1B58312	9037FD36335E2E1B050451AF8E64374BFBC823BD	9FAB261448F1B005AD096D42BB783E1979380C4405E4CBAEF23FC51FE5FB8D4B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_image2pdf.svg	SVG Scalable Vector Graphics image	56FD909B6D4F9CA24A95F5B5B523DEC7	ADD8AF79F76745F8DA2E48FC429B0E12D377F5FF	684F052E882FD63A4D54A2592138F59D5F38C158AFB7ED03C7119DDC15B652D8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_pdf2cad.svg	SVG Scalable Vector Graphics image	D8668CE7D2A3B41C2BB26D0BF940BBF4	D5E70C00A955C15E02A9A54A3F73001C7305E57A	213FFFD0097DE29ABC0232EE4DEF6F031B0F98B964DE716D88617D47D00D77D8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_pdf2excel.svg	SVG Scalable Vector Graphics image	E0EB90E199F5FB59E2E27CC5C39537AA	0462AB10791158036560E5C8FFB5107E2CC9F7FF	3A0669C2033CD270C121D607DC0BBAD6814053EA414047DA5220FB0ABF7CEB05
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_pdf2image.svg	SVG Scalable Vector Graphics image	0F6926C42D948A918F2AC635FC4F279D	067E98FA01D56B9E9442FB8F9BCF168382B39290	3C0AB3D4D3F5177E864D48713CDC648DB6AED6D25B7A46EA34CBD44B03336034
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_pdf2ppt.svg	SVG Scalable Vector Graphics image	4054394327F4447C9E1178FD9C66A7DA	2D64F6E782D8B90BDA4863E257252199A9E63D85	7DDED1833603972D35786A40BFA9DE6980808C3833CD155277A4EEB7438CC90B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_pdf2word.svg	SVG Scalable Vector Graphics image	16088A86E47D143867A933E2369979A0	6FFDAF669B0F492F805619D959645D58F8273D11	A92C7D4EF8CE1C522FD3D7478D9B3636541D3DA52E91F59433197452E6A6ABD9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_pdfMerge.svg	SVG Scalable Vector Graphics image	977DCCF060E2ECA1536E92451B900163	24E6664FB5F9BF8D67BC27F9B6F0D83C895D4DB0	FCC230326B5B125C260109861944AEF77D66BC24FA4646B09D3E209312E548B4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_pdfSplit.svg	SVG Scalable Vector Graphics image	09B60EDFC28AFD70869D484AA2B7DECB	F19F85A0BCE5017631FB292CD0E1C785EE476B11	D1F35B8BB4374C228168FF9BDAAAD90BF13ACCC618F03707C146AC0648AE2751
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\ic_signature.svg	SVG Scalable Vector Graphics image	3308BF32D2E812AFBECDF39443305C08	382BEACE9F4772B25B59AF664416EEC0E780991B	8626A6BC3E56DA44E856E3988811EE0AB8977C6C9F2C33667F53AB8647AF0530
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\loading_l.svg	SVG Scalable Vector Graphics image	DA9B7F3833D4C4275F4D1B317432935F	A363A0DDF59E683FD5AEBF5DEE7017AE7B090028	21DDB77A5E94798FA00224363EAAA7FB70AC947D1A6E17EB522A609DDFF6C79C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\loading_s.svg	SVG Scalable Vector Graphics image	74CD32D5C2F19496E05F2FA04F9E06A0	8EC0F865A0588BA463421A096B2D09CD03493758	384C1B8F60E8E9C60A2E992439C64E7141BC1DD8E767170BB8B748BDC31C6554
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\more.svg	SVG Scalable Vector Graphics image	5C5A8B95DF871A2839B6D1698073DBC9	09DFC0EBE8B32A80107A920BAF677111090AC81F	A510D27E821C695A211350A0BDAA8F5EB566106BE664E5A7F62BCD0F6B59B067
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\noresult.svg	SVG Scalable Vector Graphics image	EDB5EF41EC86706E6170C1F3603AB040	AF15A66A520787A51CE1886E09A5FE13CA14C712	718B6BFBCCED0EEFC441E3E5682BDCCC8A5746E67B105CADBFC3641E40AC9D26
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\premium.svg	SVG Scalable Vector Graphics image	3F7D24629A0CD0A32BF66D6F434B0FD6	4D35AA1DE5A205FAF3AAD2B1D1F88192F64816D5	E06E916546EE439F887FA3119F6576A29B16C46C4F7844ADCD47CC306873DEBF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\pro_hexagon.svg	SVG Scalable Vector Graphics image	C0C8CFEDD0C825EE41E014390C35D2A3	176B9E0E7E2BB4F6A5E79CAA1FB11AEBF4EF8859	E3EFDFE0F2EEC3C8EFF447B8536265B53E2DCCA3BA3673B4B2030E8156C298D7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\pro_rectangle.svg	SVG Scalable Vector Graphics image	ED05497E2B44DA98D5BF5B1CE0CF2E3E	C318DEB2569D6AE2282987289367D42822EF47DE	B3FF3953E32949778515DDB7AC60C489337D961863A62608DFD303236B2B67E5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\retry.svg	SVG Scalable Vector Graphics image	94CC687E1D6A11F6066B7BC73A56DA62	B85A49466FD3B70102A2A023B0DDD0DDF9B8C294	AD52A340192893EB807494291D212574E287BA2F317D057462617DC4F6F76481
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\search.svg	SVG Scalable Vector Graphics image	E42FEBA60268DD5F90D7AD878A0532A3	361460B58BF7434C0E178389F0C7A3D17E7CF33F	834FB40144DDCCCD5711CE10D340D1CF75CF56204EAA1141A91AFF0BDB7B7122
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\search_close.svg	SVG Scalable Vector Graphics image	116277BFA0448DFCE2228DF42EC950F1	34BF70C64DDBEEF46BDE4277C34124A6461CC57F	57F937A5B1418F4474FBDED1F8E3A06A0672CA9AFF31A86B667BAE07D8B53A1C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\see_more_template.svg	SVG Scalable Vector Graphics image	89A61A0939035EE9A307A9DDA537AE00	ECDFA57586086A44A6B9C35F6EF1E8DDB0371B99	43B2CCD873B8394B03EF734E4D257821D62F9A995923855D913987466CE6915A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\select.svg	SVG Scalable Vector Graphics image	24F7330CD64A1498AF898506C6A3E25F	D255EE71C3C0EEB9AE52A42AB194BE549162CC55	CD5ABC74D01909086A416DFE561B145855761AA3147A33A537A6E203AB96CE13
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\sheets.svg	SVG Scalable Vector Graphics image	D1D229F761A57DAD3B82759E6EDEACC9	03D376D5B995AE711C6D9C5F3A9E5D36A230836A	1BBEB056B6D95855621B728AB51B4D681909DFAC6B9D116B1E8E014ADA37493C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\shining.svg	SVG Scalable Vector Graphics image	9167CFF0EE41F719E089BD91FE1602C3	D683DAF13B0219311B91B82BD10498637181FABA	C81CDC9F6AF95B119B66A048B2F9A45985A76542A3A484ABCC3C1BDA0FEFF6D7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\slides.svg	SVG Scalable Vector Graphics image	1857E5EF44DAA6FA5C92B94A100C57F3	5DCC5FE50684C9403F84CDFF42154D8E936BFDC9	5B41CB78BB19146580AD74C7E88EF2C3C8A88849E984ABCAFB76071D893B9B40
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\smile.svg	SVG Scalable Vector Graphics image	81E039320ACB99AFBCB19460D7CC40FF	D4C17901A8D1E1F05A12E3066069A823FBED47B6	87005C76B3FDB05BFD5C064004DD21EC316AB6DB8BBD029F202420EA964B966F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\trash.svg	SVG Scalable Vector Graphics image	63C6C38A34685E69B169D11A713BEA34	651202466F9D061730D6C8AD5089A684BDFFC790	B37CC49AB7BD2F69F0394179299C39F9DFE533AD258CAF6CD0BC8796D150EB5D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\type_all.svg	SVG Scalable Vector Graphics image	538C69CC45C637222AB3BB932E884FFD	0F79121CBE6E69BA3A82B109CA80BB49B58F041D	9B6EB01CDC958AFFC89627CE76C2F344A612E50A988B6370016FB9FE1ED90C03
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\type_docs.svg	SVG Scalable Vector Graphics image	834AF3C26B87D860464AFBE9C73D2663	2179F21B8E669982839AF8D8B3F9729B0314D826	2B3967B33E0912F0CCB5D27379057627012BD2C08FC32206905F9037DD5509C4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\type_pdf.svg	SVG Scalable Vector Graphics image	1835336AF9FB2E88DED06346BAAC0873	36E536700B5DA9D70BD09B2DE95C985F399BB9B9	82A1C8382CECC1BF073275ABF19A07A006AB0DD89A582BA383E022ED12D9790B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\type_sheets.svg	SVG Scalable Vector Graphics image	B3D7DA20048FBEF044CC50005E3B541F	6477F9FC9A2AF1FA331CA80576C899C85C667B78	CDE70619E1BF3CA553D8C81444B6D5D78EA2508EAD395BF0FDB4E6E390C94A9A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\knewdocs\res\default\img\type_slides.svg	SVG Scalable Vector Graphics image	791CF5ED9483772959F3BA5FD970CB58	FE38150B995B209D7792E4612654F497D4F4D391	CA4E3B0FC2F717622488184F2CD2500004F7FCB36030EA1F99530A4FA03B7F32
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\koptioncenter\mui\default_xa\html\static\css\app.css	ASCII text, with very long lines (54672), with no line terminators	F3BF0D711F7E7A56CFB3C6A925607B42	CDAA57236ABE9A113B09BEE8C83F5593BAB0032A	BED2B95C0E48227286ADA4A78409F52D559D88626526BA325402C58AE777D719
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kpromeworkarea\mui\default_xa\html\static\css\app.css	ASCII text, with very long lines (65536), with no line terminators	77E5B18785DAA7130F738564B8F09168	C7106C6FC37298B24A5E85D2E491A88564335BA4	D7A1635A2818D3E68BF750DE0A44D70CDE7076CDAD69D580BE4287D42A7174ED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\premiumcode\app.css	ASCII text, with very long lines (40245)	85FB63B155342B98A28E7B84468A7920	3986FEE1C8F1F58AE81D2E70C335F81627C856BE	99D08E7A86A79B01E5A1E28DBD8B54074A3AA0A75E413801ADC1DBCA358AD484
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\premiumcode\element-icons.ttf	TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh,	732389DED34CB9C52DD88271F1345AF9	8058FC55EF8432832D0B3033680C73702562DE0F	A30F5B3BA6A48822EAE041E0CA5412A289125E4BA661D047DAE565AC43B4A6B2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\qrscan\libs\img\scan_login\guide.svg	SVG Scalable Vector Graphics image	7415DFC67B4716FFC98199D08B872252	F63324C20E4C658E1F1A35064229C55AA9B27001	9C2BCDC61BB2D3C21CD2B1D300652E032444B5506B10749E3EF41A351816689B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\assist\loading.gif	GIF image data, version 89a, 72 x 72	A0A1A4631AA04ED6FBA64A083E239476	241892834D80DB16B78E0F9EDC926B5DC217D0B4	9A437409D5A4393137AAA5E4152E4737E0DF91354BD574AFA13CFA9C2940D6D6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\assist\loading.html	HTML document, ASCII text, with very long lines (32065)	75747FB811A4C0FF9CB24C2263E57F20	DD55907844F2F75D0DBE5255EEEA650FD4FBBA0B	9AA4789494A061D3E4128E55EDFC250C7C0C6E25B700FBA6AB3CF9494395C46E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\10.css	ASCII text, with very long lines (1304), with no line terminators	A6F7CF0200182C07B08CC7BDE0599C16	B58338CAE8E01DA5DE695F03A00FC9A6257EEA99	D928029DFAC434111973B3FD2B79633DC880138D0424059589EC86D53AE24480
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\11.css	ASCII text, with very long lines (6768), with no line terminators	51B9E0790FA96D6A1F405DF121F47C82	D4F67EA13F21ED573CA17D48D8A6CB87B472B915	D01DF184AFF2CD348AE692F386A14EAA9FE5E4A55DF8CD74441113BC94C71F32
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\12.css	ASCII text, with no line terminators	0A1172B4A6C24C04979C055DFD72FD9A	88B7C949B2F465DDE720FAB6E3B90C3A5ED2A5CF	3DC2829E7B4C35CBC37DFA982F0A91289348CD1E40395526072644AD0339889B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\13.css	ASCII text, with very long lines (810), with no line terminators	FDA516528DA38805F6F088A6ABA6E3DA	A151E3B9A0BD688CAE942CED26085657A508F3A0	5C9FA560C69ED88C25C2C7165CF0591DFA6924E2CA0A6B162B29D2DDC8469030
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\14.css	ASCII text, with very long lines (407), with no line terminators	7D86C3648F33007D4E928C9A1350C290	3C5B5621B6DBBA9D55DAB17FD41BFA7ABCB6CFEF	37A0B44050EF94AEB562AF6CE9F827BA836E65E13D008ECB08F664794A447F16
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\15.css	ASCII text, with very long lines (1852), with no line terminators	CF262E9A2480FBBD3DAF00C3B663D73E	5636946C755BBE3F96FD02C9147A8F3BFFB02A93	CCB6F5A312F57B416CB1A3C373C73589A4A10F31556B1835CF83029FC3712B5A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\3.css	ASCII text, with very long lines (13201), with no line terminators	BAA5DDF82693E7DFA7467A314C303EF5	39CA46C9011D7250E0CC74487E8820CB1C12804F	120DD1B63467FE90B776D948A2C27113483DB23AF8C8CCB79AB3C72B03E96AE3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\6.css	ASCII text, with very long lines (65536), with no line terminators	D2F977E3E7DA2D76C054782A0341C38A	4D63365518CD4DAED00F15B2B56BE41697255AB1	8F85A9FC1A75A4B72AD7977CA28F48206E48A6887417CD238FEBF3C22C07BC54
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\7.css	ASCII text, with very long lines (52167), with no line terminators	7CD5D015A1722C4C40256936E7FCB492	F04414F6E37D44A7DBC491F6AF0AC9B732DFA08A	888A4F7D55575951FB8B9CAF904D861F40E8398A70E92498FFE6665942FF2E42
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\8.css	ASCII text, with very long lines (5091), with no line terminators	BEBBEBFEA1C7A4B292A3603829BB3F61	881DDC6642658EF97BD1BD329E28EFD495CC113A	CBA99FD85A1D469E2370678433B51C4FF0EEA9404B7B6236F3DCFF0C8EDC1464
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\9.css	ASCII text, with very long lines (4287), with no line terminators	B616202D7B6AC465D7C778029A773B47	81A3A46F14A0BF9D8C5DA0D5F34B163DD7DC2E45	A98CD70E1736B49E441F656620E62D78B14467FB6976B43C352F25061AF7A3ED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\app.css	ASCII text, with very long lines (33901), with no line terminators	6CB5B48B8A9B599561619E10A52E425B	5301363F65A6D5252DB5DA0E34AA24F3471B4C52	2494453464BF47478BD85A935158CF3CE5F498E87500B3E1CE9A9CBA59908016
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\css\chunk-vendors.css	ASCII text, with very long lines (40628), with no line terminators	87CA3F9F14003300D746655E42B8BB1C	5503F407BF0EA0596EFA8F356507E5801FD7028D	8A73918B2A0376A41829B8C82AD8B6F485D70EF551D42E6F4EF54EC44BA44950
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\fonts\element-icons.ttf	TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh,	732389DED34CB9C52DD88271F1345AF9	8058FC55EF8432832D0B3033680C73702562DE0F	A30F5B3BA6A48822EAE041E0CA5412A289125E4BA661D047DAE565AC43B4A6B2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\Star.svg	SVG Scalable Vector Graphics image	9F0CA1CBDFD9BB3630087A21A69B3E1D	ACB119612CAD0CF19982B30844DFC7C80E4CC0D1	BDA3BCF44AA2D674956AF956200C74785C06DF1786E2C2382F287DD11FDACFAE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\Stripe_2.gif	GIF image data, version 89a, 484 x 246	C9F9004A2B0351E59476FC2B30EA1B05	9D0B68CFE68A1079BFE85E49E1CDFC4B15588444	4FD93CFF1B33520581AF040415C33CB5A1AC8D520F4B0CD23C63A394CA48F7C3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\Yes.svg	SVG Scalable Vector Graphics image	D0F700F193ACF57EBE09D553D0620519	D6B1B175977ED5772A71C9D1FE7BB3B2085885DC	544A695B3845E583BB01DF2F56D0D10108860E660299F6D34B0084554C628EAC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\card.svg	SVG Scalable Vector Graphics image	28C9780077485ECD75356843DF21EB06	0E707EC39397E319A09C40BD8AC17E57178A0179	F1ACB7FE220790A24D0BB50F50956F60FE0DC9DD5279D3C8B2FB75D0D5F6EE61
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\checked-box.svg	SVG Scalable Vector Graphics image	910E5CFBD4C1DD0B88B49D1B1CF8B4CE	AD3FB3CEFF8D5A1F69B8DBA115A39B30495E15EF	FDB6AFDCB3CF65BFA06536D3C5EB4E0E3CD2ABA76552338E6D737B810DC02D82
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\close-normal.svg	SVG Scalable Vector Graphics image	F0EA5B6F910A53C6470BAE5AC2BC2259	334E7D66BC612491DF8C44E000DE9FDBD5178CC2	1A68696C2D6A9E768F029110FC34960FAE684A1FC0F0F69BEB240858469CFFD0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\comma_down.svg	SVG Scalable Vector Graphics image	2D20F104070147D3C794EDCE91F66CF0	E0DA2E2BF7444CDA4D5AB00C1C24ECC06DFD25E4	B3733721F0CE2FB7C9F1B30493B2E712B3CACECBC93E1363C52F9B0703CACB1E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\comma_up.svg	SVG Scalable Vector Graphics image	E1FB4B4D04D09B0702B41AD2318FEDB4	94D4BA40EB2E0F866105BEF820537D8E5F5883DD	89E9B96F6029A5EDF6E3B2B4D4F5C398449D4E6E961ED35425C9CE156BA3E2CB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\custom-loading.svg	SVG Scalable Vector Graphics image	741F05818D30809CF886483C1E27EF6F	215DD2E02C5DF95F516702D7ACAE13EF1A7B1B4F	C6E73E50CE296C6B2C907CEC018DF7995923B981441F383230076234019A9DAB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\cvc.svg	SVG Scalable Vector Graphics image	A286AE17280D481FD992822C60A0B187	F776D3738F4BC15CFCA8ABF9C87A397019CC7D22	FBED7E39F123779F6F65857C4C3D3B586C0A26A238175A56DE68B662DEDF2DE9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\desc-family.svg	SVG Scalable Vector Graphics image	458D50BF37034DBF84F7FD26214FEA1D	128712E60D8404EC1820370559598CC7694CE9EE	6D395C0CABC987E2F18DEAB5DEA36D2B30C93044E8430F9DD0C5C810C7BA096F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\desc-personal.svg	SVG Scalable Vector Graphics image	D3933EE006B936BB757194AD63479E67	22129DC999AA28D5CB7BAA2C9206C2373E89E03B	E7CF8004895D3929ACD97F3AEC8E14C78A81947DD231A4B417DA4CC2CF07791E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\down.svg	SVG Scalable Vector Graphics image	45009FE67AB8A0CE78F83C5E8E5D5DEE	4131132979C6287EE348D20619DAC5B469280EB6	C95A06EEC9BF8B68A2254EF8A620009CF1AFEDDFA75473CA574844673D26EF61
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\ebanx-localcard.svg	SVG Scalable Vector Graphics image	5BBF09A582D6C28DF7F04258607D82B3	4EE72380AE2D530218C68BAA2E5EA2561C9DF3A6	FF09646CFB842637926627731045D971E18B977ECAED40A000058F721983E20D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\exclamation_point_fill_shape.svg	SVG Scalable Vector Graphics image	739B063645511EE728E2F67FE8E95DA4	4F222989D7F674F1866846C55A30F58E161A207A	D414E75E2B9849A2BECB668A8379E484B3D2C9C15CD3DAFAB69D7942B1BA8AB2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\fail.svg	SVG Scalable Vector Graphics image	85DA59B7F1B7255F725FA0AA2C080E51	52B70A841991E104917EF692EFC6C393D0BA4C75	2448CCFA81643B605550A3B8ED5AD4D4EDB41964EE2A34DF83881016E6C841DB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\flag-triangle.svg	SVG Scalable Vector Graphics image	C394E6C8B1E4B6D952A6427D4097F7AC	722CCBDDCB8A4F5C69F8C9995E79321C299B89A5	CD8163EACFA210C0B4576056E73550FA8D3C2095D24A9488E02CC419A2661F9C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\flag.svg	SVG Scalable Vector Graphics image	85B6E89797AFD474F9BDCE790D6A42E5	3D3ECCA1B6C328B01F10484551FC334A0F1C3EC9	CDC5AA8C6C7270A09C687278C63644DE08A3C75346F099C1DC704D11ACBF30EB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\icon-check.svg	SVG Scalable Vector Graphics image	A7A97F1A7AF2C6A6E7A1981075377424	992834E043F14E190B3FADAAB1FA2E73D1737367	CB2CC4E3087653BC0379B985CBB0D067811581DBB696EA9AA3D250928892ACC4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\loading-icon.gif	GIF image data, version 89a, 32 x 32	FA5D785A470C025E6E07515BDB3445B3	9931AF29A88D62C9449F517239B6CAD59E916628	26C3A6602ED8E3B2D81F5B47F23B5781C3E5A7AEDA9BFAFAB82B0451DBBD2F66
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\loading.svg	SVG Scalable Vector Graphics image	544223E85768FD134633A1AF9D5BF536	5536A0023DDBFB2AB67E9AD8CA4D38C60F413B9A	A3DF9710C7E09FD8CFFC14BFE45F5A1576DEB1846CED44E5050B34CAF5527049
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\loading_gray.svg	SVG Scalable Vector Graphics image	6713430942E046897A4AAAD8EB46E6A9	211850E6ACC9D4F18836EFEDD6C7A86A87AB94B3	4C77B572715060F63DE00B0E097C6BCE85766BF5686290377D14BB7481B9CD3E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\pub_menubar_more.svg	SVG Scalable Vector Graphics image	6737BDFDE782BA132F0238A4253FE11C	851577801DB32D9986D4E65BF0414EAA7D084F4C	5F070D82E095C09C9139B319B14A040FEAE0D37495497664AC107F144842F932
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\rectangle.svg	SVG Scalable Vector Graphics image	DAAD4E672C9777D8587A6D1091D9D097	03B975FDCED104DE737A09DE536DBA0449EBFF05	750319E5FF4A279E1E678BD4B3E183B237BF2F13322147FF946B828B66AAB7A1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\selected_green.svg	SVG Scalable Vector Graphics image	56F4FF1F18FFE7D4A645AE6A98234606	BB6AC245185C9491507C633E9F4F3EE114203337	E964F6C3C756EF47E1608DBB531DB7434152B867EF211EE6862C53AB1710D04E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\success-icon.svg	SVG Scalable Vector Graphics image	1D5187491CF1153E715F2F6F3961F19B	3432D27982555885A73F4D39F65C14E937DBF0C1	F1EE9D922F0F5CB941BA92524AEA6E9DEC5E7A646ED3C5F885D5726BF8966D81
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\successful.svg	SVG Scalable Vector Graphics image	10EF3585D9649927430741BCA39A1B0D	6707B74F2FE89B59607B2711B13771A2DBC9AC55	0991E2824025CEE268F395035C3A5D6D339AE885AA14BB80545FFFE028F3A09F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\triangle.svg	SVG Scalable Vector Graphics image	B395EAF17964CA313B2514257AD3D873	F9F49BC95ADC63F6385F87B80A472CBF5AE2F644	A2DF5D28D55EE5D6C78FFF4348E8C3A0435374792C81B0B2F053158E40455023
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\up.svg	SVG Scalable Vector Graphics image	3A2EC212EECA969F59EC05AB56908D51	A1CDBDC8850CE8A1B9F6E4A8509D90319BECE2AA	2C758F261F8CFD01688327BF86601BB333F345F885D2FF985D97A2FE00E1C992
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\img\warning.svg	SVG Scalable Vector Graphics image	B9C0AA394131B05B67DDD4841C7560C2	D4BA3773531B546356FE4F99361E87A7FD9AD08F	4C9C6CB0ACBFD3CB6B130253CB8364FCF9DFA88C81BA5B43A0DB35B7F78F7451
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\js\0.js	ASCII text, with very long lines (10534), with no line terminators	6E3B410D5FEEC79C3D80842B7B58CA21	5A9EE51F83DB000690F1266986ACDFFCD0D13025	D8016861D7A86B0F25B2AAF9C94AE8D83F707F29C67291FB825578FA40EA7424
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingaccountsdk_xa\resource\vippayment\main\static\skeleton.gif	GIF image data, version 89a, 830 x 600	D625F38BF7EAFC93C6E51A5C8E2E789B	10038E3012A05FA08F1069F63802CB8D2C8AB1D8	DBD7710C03325F96C02E4738377514952AA779661002FCBC3BB31C876B7DC344
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingdlg\kqingdlg.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	3C173F74F7380F3FDDD560FD7FD45EA4	74AE502FEA531025C8D4909781B67C6C095A6483	1D79520F9D9D836E70C600B6B51BD6CB4BFA2CC2B079886EA95887E86C0D9A5E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kqingdlg\mui\default\icons_svg.data	Qt Binary Resource file	017A2793A9B73D278D815DEAED6B7DAB	D3C2AC7BE86120145139FDC0691A7A8847F48622	8F81E39D333C6FB0461A1C95982EE5AAA48CB4D3152EDCD1992CA6E526B07F68
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\krecentfile\krecentfile.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	254D3026E1B4C201C973A17756415965	AB1A304DB98E898D2235C1F7FFF57EAD8B1CF53D	B594BE0E09DF871E30C6E9C1CFAADB32441925175A329BD58462DF804B2185F0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksandbox\ksandbox.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	53E75BB62077E66C64B006B2F28449B1	250C58192447838436B26A6584BDCB293E20C87D	1E1A133EB90BB27059A70C177342DCAD0528B6ABC7C26ADBB506E52B7A6EEA31
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kscreengrab\kscreengrab.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	3BF6E01E5DC600064F0258C928B51D53	485A4E3BD315F421688F414C0DD7E0D5FE3025CE	99DCB2C55B0015354B5E2AE8BFFDB1A33879217C0B71C27AE58B24D89D8EF2D0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kscreengrab\mui\default\icons_svg.data	Qt Binary Resource file	9F77D10A81776BC1BB9328D0D68CCBCC	4E7F236F83F52906061E030492540ABB14D54C29	EAE53576BF4E7A03CB2E9126FD073D40C377367B7F13EF70B1ACF6F3392D76FC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksearchpanel\ksearchpanel.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	EC7DC6F27AFE6971D61AFD753B30EEC3	440CB08F14F895AAB8E28903B798C21A1F279362	7ADC6523CABEF96925ACFE041235F2A80E14E47D7E0FC50AEAF4D8B32541B6E0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksearchpanel\mui\default\html\css\main.css	Unicode text, UTF-8 text, with very long lines (1472)	A03F46ED03E807FB010A94ADD97C7782	36118D6761793603DF4BD1D73F6BE3B6EE83C4D2	D02E7A1DC1A0EECBC730150F55B42AA1905A5D7FB9339B40C141AC2FC8ECB926
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksearchpanel\mui\default\icons_svg.data	Qt Binary Resource file	49E7147C4936685AB1D36CFA9AB20F73	A9A902CA74294911CAA380CCC930C6FF8C0263A0	7486D125A085B93DE53888DEE73E5F1444FEEBDEF273E1A29744696CAE0D57E8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksharedoc_xa\ksharedoc_xa.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	A2989DBEE6B963ACE74E981BD36411BC	38E68F266D38EE838FC9BAD136B51DD9F4DB0905	08C49A15F5766BA6A3AEDDDF38992831E514477CCE8020AE7A742085CAB29885
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kskincenter\mui\default\html\static\css\app.css	ASCII text, with very long lines (65536), with no line terminators	4156BBDAB86B558B277E46057F779C32	309CDDC6A3EABCC530CAAE8CB2D7EAD971037F39	B49989C192FC013A5B1C9F782C0C870EF1FF574F0311680765BFCE16341C4182
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kskincenter\mui\default\html\static\css\img\empty.svg	SVG Scalable Vector Graphics image	CA83A2D7A03179B3448339CB41A2401E	1592D92C2518BE830E534E2CC6CC6A4388F45A61	05FA08CCBF3AE1829A9BF2A2087648F3E52BE33097582A36C6A1846D2ADA469E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kskincenter\mui\default\html\static\css\img\error.svg	SVG Scalable Vector Graphics image	837A359A0E8632EBD9DFBD7C21E77725	56E3D0A3616E91767039C1CD9AABD08622C8FD43	FAAE1FA52D9BD618D02191C47FD3D9A1402DBCC11C1CCB24139A1BFED0BD19B4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kskincenter\mui\default\html\static\img\system-cover.gif	GIF image data, version 89a, 200 x 112	5BB9BCD7ED6609B527511ED9414916BD	41D840088DAEE2421F405469C3F07449DE36DE8C	20B63104B9969FE3DF4DF9B217B4416373E00FE45FD01E90D1E5A29EBD8B70C4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\css\374.css	ASCII text, with very long lines (65536), with no line terminators	36D51F66380F4344D679BF30A580D102	B7F9B430FF87600D546F24E42BEAC68008F3946D	2E4CCDD5230D4499A05EC4C3E98E621E983790A1719BAF11CA22FE6E4A472D63
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\css\entry.css	ASCII text, with very long lines (14372), with no line terminators	63BF630D2FF0FE658E8B864582E9CD59	8C7AC1CF8CBAB353A739F8736F8DE2B8CAFE5819	38235C4D8D6B95D136C8E3EA778B46DEB330F387F6C7D8D0730EC8011C3C86BC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\add-score.gif	GIF image data, version 89a, 64 x 64	AA25BAFF2C2AD0254FCC4143AA1DFBF9	660A4CF161667978EF3A9648DEFBF27D8EE63DE1	27423A3D4872F1AC30A5E61FFE74107DCE062D8F2373D4D5D4C75FC965D98E80
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\changeLanguage2.svg	SVG Scalable Vector Graphics image	B892B6984C38FE2B295C2CAEE9096007	9FDF0AF2C4B815974670DE80B236CBFCDDE9410D	09AC112987F5D28431EECC20F3970F54F67BA1BF83D9197FC0A5C4ECD62985DB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\clarity.svg	SVG Scalable Vector Graphics image	60D6295263205458151A009AA6F146EB	DAE30842346E7E3BA9304173FCC2AB7863A36143	5AED23A0646DB5A8ED032DD62AF9781854B118EB6319004234FBABA31B7B18D3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\close.svg	SVG Scalable Vector Graphics image	AC767E57B7A8BD0CED6CA87CEEB539E6	5B718459E9F86654A81109103B58AC054E4A7612	E876EBF320233109C033EA12A3FD3CFD8118F3CA4679A698BD078B236169C3E3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\correctness-arrowDown.svg	SVG Scalable Vector Graphics image	26C5E03F96D70A1D42D5FDD21F75A8E6	093FE43EC82895C42832BA8D906C6D36728CF2A6	5317A4B2EFFC2BB1ED16C2E21455A64196957201C3CA467677F8697372019637
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\correctness.svg	SVG Scalable Vector Graphics image	6000B2FF6546BD9E5B027A127CFB7469	B0E280ABA352F756E5BA66D272A6B83794FBFCF2	DA0936175DDC3A83117A35F21CB377A1D4A85672D5BBCE00A10CEF69D549E481
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\delivery.svg	SVG Scalable Vector Graphics image	2DF33344EFBEF5B6C60C7DB6A0ACDA38	893187C316E049C1C192AC795B34AFE510A3A81A	94CA9480AC2F2B42EC93DF6350C72CDCB1E05C9D1B02370017E8A64F6F764CB3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\devide_point.svg	SVG Scalable Vector Graphics image	4960D663DB4AE88A63737100D8DFB3E5	9F742F8500402D5B68A34FFC4D090FDABF721826	2FFF083A987244C48C0424BEB9EE5BBB94953BF2DB2330D3D0DB749C1E3FC16C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-arrow.svg	SVG Scalable Vector Graphics image	696E4682CAC6D998F0D91DA52B01BC47	8103E1B8E3F69C19D21158218BA9A4C1A3C706F5	058570EAD631B59F7A76EEA59DE4B877BB16BA7365143A8315EA353D3DCC179A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-btn-add-dark.svg	SVG Scalable Vector Graphics image	6BC60F04C8AA7A420EE8D4F5B5B37115	71BF50A5F5D5DE074F015D2935BC41E38B472D0F	7FEE709290FDB8648E16431E425758CB4D08735130057B9D21F3F8A946524391
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-btn-add.svg	SVG Scalable Vector Graphics image	8C2E00EFA893C116E4A10EDDB47C16AA	313B1C4CB75CBFB323E0222CE725D4BBB0B22469	39E3C39F3FBCD89680A7DA9D0D9CE69CDE0DEDB5ABC794F596326D68C13D6CC3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-btn-ignore-dark.svg	SVG Scalable Vector Graphics image	FD3C5B2F774CD70E42613AA1209E78AF	4937C77CAADE9ECD112FDA37C86C68777B8A4484	D76CCEC0E8A70D7706F3B9F15387B11799EBF320C12A25201A8F1172D8F1DF28
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-btn-ignore.svg	SVG Scalable Vector Graphics image	5BB6F66C8E1FFE0B9890A17B19AA6A5D	2273FA7DC65AD3E2F479FA90E5A7BAA516D7B6DA	F29AC5B4E3B4C11E3834BE146DFA1D98CF9A81BE8629FD20B1089444E5623D5F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-checkbox-checked.svg	SVG Scalable Vector Graphics image	D2C4B60E895556AC9A3696C70552CB14	E00A9312E3FF3C7B59D6A464A687B3340B3747DB	DC48D1DE1126C5A3282C7571A4CD4AD7DDE13739A5203761C782A8B5FB5E6128
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-checkbox-unchecked-dark.svg	SVG Scalable Vector Graphics image	91FC886429BB62F71EF2B777249CB2AA	3705DD56206F637435308090E5ABCD3A7377A621	A4D4D59FAF1C49DDDD95410E5DF16E075AE54AFB5E98B26E8401106AD5AB9307
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\dict-check-checkbox-unchecked.svg	SVG Scalable Vector Graphics image	2B3B3725A0B30D55B647BF586175D0B0	B033F1AA1E3097BB849F6D47A7DE763BEC2EF1A1	34A48986E44D0E40D678C668AA19785682D9E18E0D6B07F0E154D9F4EC934055
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\down-icon2.svg	SVG Scalable Vector Graphics image	C844BFF206CB367684F778204F16A2BC	33CFC7BF61B35E137241C2C40F51080D318BBE2F	ECCA939F3A4C7B83B2D4B2CCBFB4640D1DB27E7B6BA7F27ED1E521DC42A3F85C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\engagement.svg	SVG Scalable Vector Graphics image	20F88463E72FAE0197DD0E48E9E414A2	5702B11AF9F4B8F58564600AC14BC062982C9E80	B1FD4FEA17BF7B00C8210423A7E000CC9F322EB43EFF979B682C4C527ED9E4A4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\ic_info.svg	SVG Scalable Vector Graphics image	3AA44432DBADBE96C4C431E53D155E81	2DEA56D8FB0210A55B4B0B5E9D3FAC1C3ABDDF5D	7F07E8011C28F0E47A1C289BE9E1EAFB9A0667B5A382728C4421F77E9D492886
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\ic_retry.svg	SVG Scalable Vector Graphics image	F78FF681FD3CD28417BF83AED3965EC4	5DD01EF347BC9401055DBA6084C19097F6A2653E	A03FDFA95BCFA432B4C0A7713B1C108187AD03F065EB55DCD6153C573DC1AF10
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\icon-checked.svg	SVG Scalable Vector Graphics image	3A5269D1A30EE1B969C452408818B15E	7D0EC30D5108A6DBC78FFF1A0AAADF35131C95DB	59CEB1D8418CAF57C37251EE873997A18FCA68DB8021CA145F07C50590526CA7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\icon-feedback-dark.svg	SVG Scalable Vector Graphics image	55D12D541868F3CE095E777C8BC436FF	74C110155796C7EEBB247431D8EA67DB60872CE0	8455C056D37EBC62E179E6912D026048A9EC412F0848A4842ACBB6CF8279262E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\icon-feedbck.svg	SVG Scalable Vector Graphics image	EAE18150CDD04CECA45C11653C5AD7D7	C2FFEAF70ED6909528EB2FCED72EA4BD3FD7FC6E	4FC62C212D276EDEF44706D26DD9B1A2D2604360AB61C172AF6ED7E77C6B49BF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\language-dark.svg	SVG Scalable Vector Graphics image	A6B4FA0B3559922215461B6BDCEDA1DE	9E052FB477E1A796395C03CA4F26D121E7FD0E94	9E8E3430FA90478D13D199FFC9250A1EC08F6C6E93489F54425A8F8512C813B0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\language.svg	SVG Scalable Vector Graphics image	5F6E4E8DFFE98660DEB6F650931F18B1	1AF1C545541323C172DAC3375A5273CD9A6B5C66	B603DF0D9917B2FED6090EE12BC23EF755BAF130FD573A5E80824E1DA279FA28
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\loading.gif	GIF image data, version 89a, 96 x 96	BDD9E5C342B24F9F83288441BED594FC	BB4DB16C75F15FC8B4497209AAD509455430E8DC	0FE6D1F2178646E8F49AAAA573353EBFA4C07AF722DB75E0F1C28299F9097DE3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\lock.svg	SVG Scalable Vector Graphics image	05D67968B6C90A81A8CE4A47BFB66147	5A08AE4D1D35EFA5138D028627C3DD5E416B3063	6C7D99C114017F50D64DA0028A4F7B916B95BFD6D5C8E7171F00B4DA761F9286
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\lucency.svg	Unicode text, UTF-8 text, with very long lines (321), with no line terminators	BDB016F5A18DA7BA4ACF82349B987111	C82953C222C6B57E8D855897355AFF20B5C52E9A	B4DFD7BF6CB964BA60DD1BEA260D2EA4C7C182D9A7FB1E7056D21F96895E936A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\rocket.svg	SVG Scalable Vector Graphics image	1326D49531C611C181B26904E0A31581	3B754FCA4356C6B9539913B19F01476880C21C9C	4F0FDC43A9CA06359EACBE530778BC31D084DC14C1B86F02ED095F8EBFF50267
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\set_arrow.svg	SVG Scalable Vector Graphics image	CB04709E3A2F6D50A25F15BFAB0D944B	634B7E94D3B58E95DEE8558AB5BA065CB2DD87BB	26DB284A7C7F78EDD7A3D55E68515ECC43C97DBD89937BE44BCEB3938DC0045D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\setting2-dark.svg	SVG Scalable Vector Graphics image	C7D45EFB03AE7A85B5E853A8F2E55066	02E095A986213EB70312377272B63712502B9262	09BA49B72F30926F99F77A37B8CBA270F87491AAB9080101F39760EC359FB9BB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\setting2.svg	SVG Scalable Vector Graphics image	D3B0797D64FE9C539365D218B1FF202E	F63EB76ED082B66495BF9BB601704492737698AA	8B43B7FF222118CF1631B98369CE7AEA38CDE13EE99AA006066C57B7990E164D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\setting3-dark.svg	SVG Scalable Vector Graphics image	D62743ACCE966BCB34206588712A73B2	88F6DDD048570E6A5F5C68A50764409AF70854B3	A36AD4A412844A6D413CBECAAABA78260A4D638BC69EBA850220F1D7B75320E8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\setting3.svg	SVG Scalable Vector Graphics image	ABEFC8EA85A7E417ACBCC8781A6CEC26	6013C8D0DD83CCE20FF13555A01E96718925E014	F9139797D86BE0C37A9ACDB62185297D1E01452EAF1AC3F58159D256AEA1C92D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\success_blue.svg	SVG Scalable Vector Graphics image	FA0C133DE0EA31ED4F210F80AAA5B033	CE2A2423D699AB269C94147C097578ACAF7E81A8	FC15C8CC1D02C2A9C9EF0A16F615F2758C92E2A0983CC8E084E586E35AD1A1B3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\success_green.svg	SVG Scalable Vector Graphics image	DFC72C3D245FFDEBF2DB027AADCB71E9	1A1EECA3EA109C251647DD536052935FAB80084B	3F8B4FD044E65C757D3EFECA9853EA46BC50F4918133A77952F8A4B5789E7ED3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\success_pink.svg	SVG Scalable Vector Graphics image	C9BFE05AB43A8E866EB3CC1DC299DE2B	EF25F987022D697B27E50755AA4C9B5BDC82A355	AC9C0F2022A382B467FB4E801730DE2AAA01287C9618643C9682690C7FF89582
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\success_yellow.svg	SVG Scalable Vector Graphics image	6AD2548864F560B4CB04128FABC6DF16	60C7391293FE72FD43EF84260C3247C805788898	FCBC6BD5A9282176295051EBAD4648E6D12475B0176426A1CC20598C77CF5D81
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\support.svg	SVG Scalable Vector Graphics image	8960878DF61EA86F2E96FFC0688EA0D3	62FFB6DD6023305FD7CC2E4540595072DAA594A2	E4745ACDBB24A12FD30DBEB58710B76837DA4D7A2C9177D96A67291E3F9E72B1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\toast-icon-succ-1.svg	SVG Scalable Vector Graphics image	C2F5553832701DFC07EE6052DE2F7076	C1C2344E9D84DAF8A6C56EE49657352C5BDD32CA	4EDA6A017DB615D162071F14B81F4131F6A9510CEEA61A70EF05CD5CF1BFFBC3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\toast-icon-succ-2.svg	SVG Scalable Vector Graphics image	AE5D3446AD11C9D2C016ED7E89E9BA4E	A5783E01F4E932E0396E09B58C2B3118005248B6	A28EBD86EA3ECB1D1FD3810E3F5C5607DE2DEB74FF360587593C1AA3303C433C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\unFoldClarityIcon.svg	SVG Scalable Vector Graphics image	7C28CF1F86E969D927BC57A92A447491	6167FB0DB420BD68EA6EEDFF18612CB8D6196F71	801A2DE0174768A014CCC96DCB2CFA0A29284F292162E6A43E1861ECFF7B1F10
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\unFoldDeliveryIcon.svg	SVG Scalable Vector Graphics image	EACEEF550E18AF1B2458F944DDAAA934	55692F51BC1BCD734301350DE3BC0729543A610B	9B376D3EAB8041244F655BE40083365FA949857441E72E69CF2ACE7453A64E48
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\unFoldEngagementIcon.svg	SVG Scalable Vector Graphics image	C02E384B7B44F5352FE83AD5E1AB288A	3FE8F186D742B5D4518A038BF35FC6A2EF7AFA73	A9B5C5EF0EE86A2524074A649DAB5052713EAC4898B05BC770DEC01DBA540E9C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\updateStatusClose-dark.svg	SVG Scalable Vector Graphics image	F2E1F9E97A29F4BBC81E8240382E3D68	ACDD2EE1630789EB0FEE1B1271D405B4BE0BC9E8	49A4CDA0E5577EF6AF5C05E7B5EEDC9FFAB9AF36BED8DB8A326F8886EB5F13BE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\updateStatusClose.svg	SVG Scalable Vector Graphics image	D7FD5334C39A02C107865FB04208BBAA	2975B9440E9AF64608C75ED1647DA1A85AB8B22F	9A14A67665FC7F2B01442988C6125E8B421B59721E0F18EC50A23EEDB360B6C7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\ksmartspellcheck\mui\default\kwebwpsaiassist\static\img\warning.svg	SVG Scalable Vector Graphics image	5CDBD1178C7F45423EA186CE8A9AAF12	2CE8D939A86CEB558DA2719323785F4F30C60A26	0CF2213D6019DB4F89DD5AC99B23E8E0044744228A1F37D0539689C18D8661C7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpage\mui\default\htmlappstore_xa\static\css\app.css	ASCII text, with very long lines (65536), with no line terminators	83ABF33F0495952A1AFE9B5226624E08	423919F9961660B545E6A609B0CB1CA5D36D9064	3AB81496B059B15DA13A6D6240B1539D145C8C9AC0DB33DD3B79F777447CFF76
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpage\mui\default\icons_svg.data	Qt Binary Resource file	4D81F9FE07D999FCC8C265D57EBF142D	5A9B483D6BD019BC2F8E63DC68EF9DB5328DA8DF	9841C85541D83260639D7E054029D9E5265A7E6C5C59422B603CBFA96D0DEF43
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpage\mui\default\productkey\html\css\app.css	ASCII text, with very long lines (13330), with no line terminators	84634BED3ED6C65A670405D4BB049847	5117A6FF0DF58EEC6B6218648FBF7D92254D03D0	F8BCBEED29229B892E71CDDA27ED4FF12F4BE8196FF3A17FFA34BBDD3CCC1D4C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\css\app.css	ASCII text, with very long lines (4429), with no line terminators	014D4FD67D37A1E8E34918BCAE9E8F8F	26E2F42DDB1A4225EB6E444C08B76A1F2B33C8B7	87E788FC4877A35D9D397D8D7C8FF474FB4133030AA6DB58AA8DCFF789FAC1BD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\css\banner.css	ASCII text, with very long lines (3664), with no line terminators	55A3521DE910A73E479DB86FBFAC32CE	520D6770B15D6DEB146FD1BBF3E382A88DA831DD	A62703387811DD24AD82F303A619CBF9C5DD22B5514D82B255590EB6C4BF114B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\css\dailyVotePopup.css	ASCII text, with very long lines (4887), with no line terminators	7FD05F1F6818AE10A93EE4E1C6D10CBD	29540FC8D02B7AE2761C6512E2605A2DE9ECA2DF	F203452D6DC3C18A35573CED2064BF93A221706E15872E970CD9049867270DBD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\css\dailyVotePopup~rightPanel.css	ASCII text, with very long lines (6522), with no line terminators	CA0F1B6F76B42DD853953A4EB30E3E83	498D3F0FAD5BE53935161A69193E1E9FCA66A613	AF1C9B13F1DAA93C73C7F0C769B09B14AF6DA95CD1833877B363B4CBDDF07FFB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\css\rightPanel.css	ASCII text, with very long lines (1394), with no line terminators	52151FEAC47D6F4873B1AE982101421E	EFA65E5FC84F7E47602164409A34D39A212325D7	216A64A6342C364911B07B0D782C9FDF7C956030587C8A4E04ADF1AA833E6357
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\css\rightPanel~rightPanelApp.css	ASCII text, with very long lines (2784), with no line terminators	9CB3DF9F2DA9A52F23B287BF29BBD4E2	348E099C28A03061648CCE6B98186E08B0042DA3	93EAB1D5480A8524B977D02237E1D2091EE9F5D06859364BB17F56A41927AE0F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-arrow.svg	SVG Scalable Vector Graphics image	AA23F9134808F186C128E64847A3E5E7	8AC1198739BE3430B1FD1E564AF019E7B525CE4A	E65B224527878C0095B53D65CB07D79B7B2DDCAFE285596160367D822EC68914
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-close-hover.svg	SVG Scalable Vector Graphics image	2BA5639AF3D54E842950DD70111494F8	F893FF8E9EA8E7DF7512CA51640B3535B8D36603	34BDE4A261024C7F1765684836CA58DF2928D35069B9E35913A79274B22F60E6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-close.svg	SVG Scalable Vector Graphics image	638AFC2355D020561133690E6EF849BD	1014CD4CC2B7647EF82044DBACAF0D6926AACE7B	3B315EFB51C084C848EE511DC462ECA1B28A6B1C149AA4BEFE3B98D26281DB4B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-exlarge.svg	SVG Scalable Vector Graphics image	675E0D800456BB06A01A15A57988C384	5BECF129F59E99B16A262585D43631F5D98BB301	041B398D946ABFA5C1B4626AC65945A17970488A465B871A63EC33336F31C933
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-flash.svg	SVG Scalable Vector Graphics image	836B13380AEAD91F11D1D270D1512B00	C6521C1CE980664F17B42DDC07FEE4B6E563E1F6	994B8735024B797920CC2CCA3FA6F8A5E5AA12137076101A5C35790F55FB8FD7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-help.svg	SVG Scalable Vector Graphics image	EB76C2A7821A14767651BA41E9855978	22521BF32AB06E2A2F7E0A96D703596613F5150D	F9413ABA200DD8BB2195A0C1A9E05DCED5BB0763F082FA5D4D0C222434BD970F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-pause.svg	SVG Scalable Vector Graphics image	A824F34F40AA416C36794E2CD4277668	D73F4214DA19804FE021DB8CBF6AD9AA93F2A5C5	38F66C15981ABC02211595D8747FC9DCF37C51CAC7C17C34A513AC169A3E5636
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon-timer.svg	SVG Scalable Vector Graphics image	A1AD304A354161BF022711525BAAB760	2B77FD9B6083D16ED0DC8C3D78AEEF1DFD64A283	92631C5DD14D40251971A1E0B5F71AFE16556E04B11C1F3FF6F6BE6F00906AC6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_btn_blue.svg	SVG Scalable Vector Graphics image	A37F56AA7AC67CD60ACDE65627CE5F7A	AEEFF797B0A1D9C253B5409C53D15C530C512706	D0D680C1BB995F21B92E670BE064D58BB2305A0DB319ECDEC6814037814EA017
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_btn_yellow.svg	SVG Scalable Vector Graphics image	D24D3ADB2AA8E3EA39C1F80E8F9A3E8A	A5B79EF0864D028E6479610F48DEF71106AE42A8	D8DAC14909AA5306E9285FFDBE6BD439CAD1F239608056F39C8EE0E90D1759F4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_future.svg	SVG Scalable Vector Graphics image	CC3FBB2206B22FFEA92B62396469B5A2	9EC7E57435ACF5C10C0F29F1CA35F8D2821E6014	F727B2D369BDF8C9614056BD7A0C21677F4A81F5D666017CE11ED68029265D25
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_not_voted.svg	SVG Scalable Vector Graphics image	C2B61FC3B74DB54A37AC619361400980	8B9A184E6DF2770ED869D9EF0003F03AE0DA6587	72DD2251F71E3DF4C520EA69F0FBCCD5F26ACA509C0232F38B8304C943C6E293
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_ratio_blue.svg	SVG Scalable Vector Graphics image	621430AE5E5BECB8C02B4379E5DB96C2	046A3D89FE3A4611091B6383106E51D06E1310F3	2C283D02B170CB94F0B34BCA4E02A2693BF96C63ADC4421998B0E239589CEABE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_ratio_yellow.svg	SVG Scalable Vector Graphics image	50EDDCDAD043778F2C1404E24DF3E827	F972E98B4F419300DC5E005C9BCC088EB32DA55B	FC514114AB37ACBBAA643C14FEC0C9D639ADB62D7E234BBC299D4C65E9359852
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_today_no.svg	SVG Scalable Vector Graphics image	0D13B1E4FB1C3CC4D33A5300DADC4791	37C3C7CBA0FB5E06538CF85755FF49147C478A28	6BAC9266CE19E7EB16DB8DF235AC92BE3AC615F17DF0B013C8BD976DBE7E413E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\img\icon_voted.svg	SVG Scalable Vector Graphics image	9EBD8046A73632E40D8B1493E562E82B	FEE7D3031BDBB923683060C3538302D90D0A25B3	2D37DF341B9B7F481B8EBCE822B7A896C459932245C2C2CE6F8F484DD17F849E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\popupVideo\css\app.css	ASCII text, with very long lines (1029), with no line terminators	83A68C2C85C5F145ECAA9413C88691B6	D1A020800BEF51B4D43C676C0E88EBAFEB9C8D1B	A8C3BD7978E4A42EF7D926C3CAF2365847E92ABB091E7C11ED36614138C5730C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\popupVideo\css\homePage.css	ASCII text, with very long lines (580), with no line terminators	E2C45FCD2C69DF9F496B2BBB22C6D48E	84AFCC60B11CEA137A017AD0AE114E9E32527619	BA665F18D5D56CD4F1D8019A7DE6C5EAEA80536A42F94CF3446FEF497BA30069
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\popupVideo\css\multiPage.css	ASCII text, with very long lines (2462), with no line terminators	C7740E680AE5B57982D15AB38E10AFDB	526AB869FEA8E88FF8231C2B866A0C73DC7D0E38	961AB1402D1A5746B2394B7E032C6BA9A3DB6C7BCF531DCBB5202A37A8F0E2F9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\popupVideo\img\icon-close.svg	SVG Scalable Vector Graphics image	443AD49F8D1FA9E366534B547C321CC1	0D6BE081CA866642FC0807D1C1F661FDEAA7A580	C4BCD8B8845597087720FD45EC897B059C14D7D334D6AC2E24D896FD74C39EC1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kstartpagebanner\res\popupVideo\img\loading.gif	GIF image data, version 89a, 720 x 562	C1F84A35BAB3B188F418AC182A4C1925	1CFED637D9B8C29AAF283C4CC9C3A7AD5C473D54	82D8414B3B6CC2EEC424BB3467A0E2D5C7B29BD98051E2ADC4C86B071C2059B2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\css\app.css	ASCII text, with very long lines (11239), with no line terminators	699F8B2F3C06B62BD53ECCD83A7EE6EC	C581DCB9BAC6023E230EBF88DE7E7D8EE493F000	2CC900E48824A32064778BDFE1708E06969E32C3706EFC60C7B4F09A6AF994E1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\img\close.svg	SVG Scalable Vector Graphics image	B314773F52D02F9D5FC88081D1AD082E	218D84F3537A6D8C0AF7F98C7D14AD79BEEA08C9	E6C90003C6DAA8A0E837FA43C73C1D125859C3C3417F72ABE031C396B6B063E6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\img\facebook.svg	SVG Scalable Vector Graphics image	BE32DC2B5B2C4BBDEC36E33C8F96FB35	A55424710B6A05DF1E4F4558023E2FEDAEF8808C	1324EF27575AADAFF13A49AE1DAAC21CE3100F11335002308E680A6A93C746E7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\img\info.svg	SVG Scalable Vector Graphics image	8B06529245638EFAD0E808511D287873	FB6D25489728672EC653CA4423C39CA77D292A50	28D0925A5E9378653A227A40F193FF1B350061B3B17194DAFCCD3E9A13896DE1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\img\logo.svg	SVG Scalable Vector Graphics image	CCCC7BAFBA28458D6B56038CF14C97BD	28CFCCB2D86E4A026A8A112F99C5D67CC64CF623	0255EBF317B1FF0BEB79AEBBA463B078A7D5039FB8FD071ABD75A628E026F341
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\img\minimize.svg	SVG Scalable Vector Graphics image	B85A81242334FC239A0CA0CD82D2BB24	E4C1CFF1DDCC5FC17D446A973FDFD54F2FE1A023	8E82EF41D255DF5A7FBDDA0EED15AA65AC8846096A12FB83F449E2554E0E698E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\img\success.svg	SVG Scalable Vector Graphics image	66A9F989358061E95524945114CB3272	2E50D65AF4CD9075C05819AE97725FF643C724DF	6FCDC20C6E03B2FCF6F61D74CD53CCF69F0A20296057083C6C2FEF23AD751762
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuninstallui\mui\default\html\img\warning.svg	SVG Scalable Vector Graphics image	2120157D9E069513CE72461FAC384282	64255E38516FAD0DED77C46F58479AB2EB018EE3	8163F575D169467AAA68C8EA96330CB328C52D3E627001342283FB89991736A1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kupdatefeaturenotice\res\static\css\app.css	ASCII text, with very long lines (6733), with no line terminators	C9A9943F63BCA40F5DEBBCE48826AE01	C15B84DFDA9F5FBF813AFAB71896DA54A96994C9	8B0F22B7BC08CDE48472D40283FC91CC839069AC51710FD366489FA73D683D93
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuserinfomenu\mui\default\html\static\css\app.css	ASCII text, with very long lines (11480), with no line terminators	ADD88330C13DAC07AAEA044940DD416F	1F7AD24589719F6F125866B799AE52292AE5CF84	B8151CEDA4BF28E9C291BF5CA76311B971E11C28367355AC07509379CDC4DA60
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kuserinfomenu\mui\default\icons_svg.data	Qt Binary Resource file	5A1EC2D91807505655F959DF84C58E0F	A3E06FF9857851428B6B0D4284EA2930A75F7266	B8C593CD2573CF7E4BCF90373A83EE18B40C301843C3ABF0940FBFF66B781717
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwebfissionactivity\css\app.css	ASCII text, with very long lines (484), with no line terminators	686DABFABA685362F2B3AF155358E00F	5E51C85C54DFD2E8D3E34E82142708765C3AF397	5D3B9555FCC086071C7780B47F36697F7E897FEC674BD164C5B878F0A6F1319A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwebfissionactivity\index.html	HTML document, ASCII text, with very long lines (910), with no line terminators	2C25EA0069E941AD0A82FCB8D20876B8	5B66607217C9F8C1E64EC1306541F85C22B09BDA	3159690A25CE29C9AFEE64F8FD6C1028EBDE9DBC727F8A8BBA1A9275015A227D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwebwhatsnew\assets\index.css	Unicode text, UTF-8 text, with very long lines (55782)	065BAC9765EB56E1C36D02AA26574C1D	8D8A323CC00E554DFCEED364FD660FBF08918DCB	DC52DED33357B2643D787A106353F0E24403C22841D2E36372B4139807A1D5AF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwebwhatsnew\assets\start-logo.svg	SVG Scalable Vector Graphics image	599B1F55E3F0C24D296F3F8A3F36F40F	6A20C990511CABDC934BDE010352AE4B36D35832	49552A952985172A2AFDD26C9966D9AA1D6319BD998D5B089B17587815C4DE8B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwebwhatsnew\assets\start_title.svg	SVG Scalable Vector Graphics image	6FE872F72E49BE91044C52C5CAA39849	79E1BD2F7269F65F3A7EA631081C96202E04FE62	E22893EC13061EF0C37A9FB971F5C2A3A527077E56BBDC2DDAB2D0238EB835CC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwebwhatsnew\entry\index.html	HTML document, ASCII text, with very long lines (366)	881C6CA19E45C5DFD2BC193BA4E7F535	777E68503CFA1E76A34910999D1B1A28D2778846	5AA73962EE0F83E7A316CD0E36A36459D0F5064A4ACB3BA27264A1877097E85B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwebwhatsnew\logo.svg	SVG Scalable Vector Graphics image	08F8184119A8F5E584C2255DE70F3942	A64535910E5858F6C9A8DDA95500A5CF316439DE	B9310C0736C302794B9FEB1BFC12B45915DD743079655454F1BAF79D71793CF8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwppcopilot\res\icons.data	Qt Binary Resource file	ABF45C432675B1CB4E380C559C521340	B2A4A404691C71ADC71B923666D4CAA77C573DDA	D24E627E6B1C9CE01C057C4131BE17907BBC5B77006647D7265A0A32B719300C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwppcopilot\resxa\kwppcopilot_xa.data	Qt Binary Resource file	0B7918EAFCC503058A10613515C0108A	8AE13FE0B362EE4CEC2A927FDABC0D8AE8395D38	06A2291C08A9138542317C81517F552DC360D28FDBB24F93E46B7136CD092ABE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwppcopilot\resxa\kwppcopilotcfg_xa.data	Qt Binary Resource file	E4C9BDDACD03A1F4AF7CE956B993126B	FED233C8920D8B8B6A85DF25D9EFA6268E4B6C5C	AA51D76520E6B87938F88B7963A92560403473150225C422CF45A465CD006F4B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwpsaigc\mui\default\html\assets\chat-waitting-3410bd9c.gif	RIFF (little-endian) data, Web/P image	8D73EDEEB72500CF2EC54D0E7E0A1379	A1CD6242B7A5A4D8C48FAAF099C192DE1E595F0C	3410BD9C66B17EE4DD8D08599BF78703CF6929D2D692C6B5D957869B25C00EBF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwpsaigc\mui\default\html\assets\index-0cf762f6.css	ASCII text, with very long lines (29773)	0BCD8E5FFF72C08200D885FC6A2B8EF9	31259E69383475F423FC5DD2AC31BB48E9B90CB4	0CF762F6FCB77BC2AE0D7DC8297D7FF53F82FE4AF6D2DFFF328D8DDBA313213B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwpsaigc\res\cfgs_xa.data	Qt Binary Resource file	516662F5232C1209B7B619C4670500D2	216DC08C2F77A75C4E298EE43E645A974330F228	650675EF1CF8FAAD8D460FECC9C57FAD1A43E27A4BD3CE10E439B0DD0646BE9B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwpsaigc\res\icons.data	Qt Binary Resource file	CEED019CDD5CA8BBF467342578401BB4	1C37FFDCCC8AA1AD164925D9096DC3BBE2F9B5EF	24107710B81F29BFC1F3F418A700CD64B988D3B9FAC2F2E25C0F53456ACF1CA4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwpsartstyleborder\resource\kwpsartstyleborder.data	Qt Binary Resource file	725679091F6FB4DC8D109DBA838E9506	A018477743F199078B96E08C5DF4EDEF19A922CF	68B3750A61FFB147545451D5E9ADF8CF37B208DCB8CD0211F1F356DBD612BEDF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\kwpscloudskin\mui\default\kwpscloudskin.data	Qt Binary Resource file	0D966F91308468EA683E0CBD24B571ED	A97939E028C8C3B1A20D14205BB0BA09EE4B4E1C	CA1FF7037B18234DD493BB5F8764D04CC04B7905F100AF653F673F9A3CA44E76
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\photo\mui\default\picture\compress.jpg	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1001x667, components 3	48194B36769EB0D5B29F0C8E7158930F	AB8115B19558297F58592694D4BFA721F53C2E4D	19A8D362F72CD3888A1B16D7F2EE008C2EAA0334E693C6766347E2E4A0C58A0D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\photo\mui\html\static\css\app.css	Unicode text, UTF-8 text, with very long lines (65528), with no line terminators	9C6964B9AB731C2DCC3C44A09B3B0522	69830DA03A98DD61C53AAF0A7BD5F6969FEEDCFB	3A9DC32245C8806469F8494E990498957B459A3B57C2EF93DF2165F007C80F26
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\photo\mui\html\static\css\chunk-vendors.css	ASCII text, with very long lines (4554), with no line terminators	32D8934F95A18BFD200814162B8995B8	9E01BCBB18F2223EE54CC483F921C13E5AF5791D	3C96E5059CCB4000D437C52E73C08A30FEE7FD0A15EFB7282CEFB95CEA53E736
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\photo\mui\html_loginmenu\static\css\app.css	ASCII text, with very long lines (7441), with no line terminators	02FC3AF1B2E7A7D44E594A741EDEB522	9B652DB270E13EFC42D5A243AF42160FDA9BC403	7DFA0975D8137A173861289A881BFA34247B0B655969198EE31C7540D142AAB6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\qing\mui\default\qing.data	Qt Binary Resource file	0109E6648EFFA931B554C85A560BDD8F	A6E585A98927E6B62EA47C86C7F2D8EDCDF95B5C	7AE27283ED0C4F3C8B52C6F935F1AF115D885862C00FEFABB7B860408AAE742F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\qing\mui\default\res\airightsidepanel\static\css\doc-classification.css	ASCII text, with very long lines (43266), with no line terminators	741085489F2CF436260CA19373812E62	3418320571278FC339241C1341C2D3F44E0F2662	32A622C97EDF085C7446222ABC11663B1228174DE88A8B84103B10E29509AA4C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\qing\mui\default\res\desktopbackuppage\static\css\backup.css	ASCII text, with very long lines (65536), with no line terminators	EF304A8868CE145B9DB771B84FD3ABA8	92F39F2F38462F5D40A5B96FE891E1E85E2BD099	8C84606773C58E5F7B41ADD7043E5FEA4D4F130C69E41267B7A062C1F9053072
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\qing\mui\default_xa\res\clouddiskhomepage\sidebar.html	HTML document, Unicode text, UTF-8 text, with very long lines (570)	9033FDBB7BB3177CCEE93E4002C4AA1D	BDBD9852C5A373EE0D4E942CCCEF772189C8A440	CD9260FF7D407AB872831E62336BCE76BAA79CDF41D3F865028AEB0C246EBD50
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\qing\mui\default_xa\res\clouddiskhomepage\static\css\app.css	ASCII text, with very long lines (65447), with no line terminators	2D7202113B0EEECFABEEEDF11BE3DB86	CA6986845B4DA9C33DF05A2ED3B424A3B1CC6C6B	40A3BCB3A341B15A24CD6004891B56D3A933210A7B2603906DC5645466E90153
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\qing\mui\default_xa\res\clouddiskhomepage\static\css\history.css	Unicode text, UTF-8 text, with very long lines (38954), with no line terminators	66C48070FC43B65DE6E0E0B8103E9894	15C5E099E63E4DA0635369F081E839A10188F7E2	1BE48A326C5F829C15DBA4F7E8FF3FE09E300DC60A43F275E546D9F62F1E46FB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\addons\qing\mui\default_xa\res\clouddiskhomepage\static\css\sidebar.css	ASCII text, with very long lines (15278), with no line terminators	DD1ECCC4A36F45D745DC78D86679B298	5462E2DF8FA88E9E6A7CD2FE6B6FA15AE66E41E1	B327897974A0A17F312082EC83A925694BCD9F4A65926BF3FC2B4AD6750E4756
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\ettb2_kso.cfg	data	0AADA3BB2781DD1C7AF180C720A1ADF6	A37CA67B8B253266FEE65B373C6854DA8EF73277	3445A1AED0E6CA1291BD5A69BA757EEDD039561FF973FEADA165109BCF83507A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\product.dat	ASCII text, with very long lines (633), with CRLF line terminators	2E743F3067FA75FF3BCAD5BAAFAFC8EA	57AB56038CA28FCF2CE3E519A1E8F858C8BCAAFF	3927A21159FCD0049A376D60ED74449F3690D2FF95F432A3BA4B5738A478818F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\setup.cfg	Windows setup INFormation	C97ED5A0F101F1095748FB3D2C3C982F	EE28865FAB11EE696B27FA0206860831B4EC27C3	A721F509A48CCB73D46338B0CB065BF91420189F5776580076CF68F96F4D8840
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\wpptb2_kso.cfg	data	57CBA4FD3954170A6DA8688499D280B9	70116CB24B6B1EAD3E6BEDB4F830BBA515B41481	D8F77C5952BC488D10B4F8512A44C3C82F141B933AAC4E3F8E0898AEDEFF4BD7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\cfgs\wpstb2_kso.cfg	data	A27CD578432AC5C2A98FBC966610FC82	CAC5D4CDA493C5BD65519C1C1659546B378B7588	6846BF3D82A2FE4F1DA6CF63B9FE37DCC78E0A55076173E9F60A5D756624BB7A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\CharDic.dic	data	2C1FEB1F5D572C27250DE66B38917268	69540D29BD44F373F6FBB6A51DCEFFFC506CF9F1	499A4774F67472C38A7E3CEC15B8DBEE779A74F598D2F64D637331B88227BBAC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\Pinyin.dic	Unicode text, UTF-16, little-endian text, with very long lines (32767), with no line terminators	E1303311736C246C5625358C144EC52B	F36A606C00BED7BD9D5EE961ADA200B0008B31F4	BFBB3A30EB8BB583EC440E8F8A92C460B34A8BCFDC3FDB176D677F60C46A4168
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\WordDic.dic	data	C1D4C56290FA3BDDFCE7F2154A8E50C6	08118104CF1790B6A3F70F7881BB31214987AE2C	BB4AF3ACB31579DAC2D98840C6364713A37A34D0AD0ADD75D31806DE5B219615
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\chinesesegment\LICENSE.md	ASCII text, with CRLF line terminators	F7BE968242E666FD95E929E7521729E5	94620B9E60037E8682BCE2A27238ABFA121BF040	5C44ED62F78F2868487CB40D526518600FC52448C97E2B91049289307A62DCC4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\extend_dict.dat	Unicode text, UTF-16, little-endian text, with very long lines (32767), with no line terminators	FEF27FB699A36FE56F293135787FA94F	1E635C93201AA0D8BB2A294B9F940B1A3E925E9E	50F9DFA37AE5523392E85D2808925B65AA49A64C233D25E8F559A678BCB6BAD1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\firrule.dic	data	812E71A0A554F37427ABED3ADCF3106E	5C90DC9F8B40000215658ABE251E0CA8ECE977A7	63FC0858EF8F5E12C525331EFBD5AAB835F38124A1254093B27B796FA389B923
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\README	ASCII text, with CRLF line terminators	156A9A6D606AAA06BD99D980A6C00280	18A1252DC3B8D4D2AB18C0005AA83E49360ED1FD	942C88420B8630E4247B6E476C1B4F45F96AADC3AD3268A413D814DE1942F403
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\nl	ASCII text, with CRLF line terminators	BD412552D8D647F6E7918D802E448496	E7FE6D6D0F9D81E7C21723D7F924112F08727A60	CD3CFF60BE98D99A76D11BDB796D38D12250F0984A130572F4F6C942FE09DF77
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\nr	ASCII text, with CRLF line terminators	0FB149CE7F2768DF2388806D646C23AF	1AE03EC69724C8C2C05ECD094D7DBC9E607AE97E	70000C6D0FF5DE955440DF55AFC44A68EFBDF66BE3708005DE488EE455DEEC84
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\nso	ASCII text, with CRLF line terminators	DFF742D13693ABD83F2FDB7B632A8E15	B1692D41CAF30CBBB2558FD9FC748E02B4C6D100	F2DE1BD38DF030D264BF8C4B930FA299008C2814EA38B930AF78F65C026DCC36
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\pl	Unicode text, UTF-8 text, with CRLF line terminators	5725AF7C0418F25E787CD6509D12540F	55533E17294865447EA2CB0B205406C8F31B9596	0EDB4AB9A2252F13001759E62F8D2856764EFCAC29836E88FB4F46CC6BD69192
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\ps	Unicode text, UTF-8 text, with CRLF line terminators	B7F6A9F3FED12F2B1AAD0E1A1C69A5E3	001E1A43FE6C1468ADE86186A72A4F19339FA3D6	370C639E077EEF40B56DDB1E6597860E56B9C7803FD11522F736CAB262CEB74A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\pt	Unicode text, UTF-8 text, with CRLF line terminators	D3BD2F6D3299E8AE4FAAD78CB11678D2	8CB00D9BB0714B156E1A056BDDD7EB2B6BE97B85	ECC9DFE308C2E8410762DADDAD92D632FE80923D951B6ED09F61A8DBE6E3559A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\pt_BR	ASCII text, with CRLF line terminators	B86E2A54D8E1B24FEF9C0CF18B8C8A87	A6F7CC367ED909735FA464CB4DB36CA36DE04679	15DF569D20F1893EC5ED9A636A06006F1D8A7CCB37E0402C626427B35AAB944A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\pt_PT	ASCII text, with CRLF line terminators	98CFAF7BFD7008FA048CAFA4E332AFCE	A917D22253E9C862C1794F43A59467E137E9A065	F984B310C7C2773C73D854D7A2A5E5EC3E4934981BD73666C6FE4310675AD4ED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\ro	Unicode text, UTF-8 text, with CRLF line terminators	82FD99DE2BA274F33DBF0AC45D7D6787	E769B5E540217F1E469210105600AC5E7112ADF4	CC72EA92D775680C2490FE5BAD41865C5878124D8815C2B0304DF46BEE28DE07
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\ru	Unicode text, UTF-8 text, with CRLF line terminators	16CD461010DD870F6FF3785DA0DA3C00	B613CC1064562FC50497696539AE2B41F3DD5F7E	5AE7B7D5BEB5A9A6620C4940A965DA9BFD712D946315FE93E5202D4D283EEF41
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\sk	Unicode text, UTF-8 text, with CRLF line terminators	45CF1E139F21E5F32DCC37F7BBEF5C2E	0BC5C0CE4BD03F084E300429C2248182F1AE06C2	97F54C3A9DECED87D8360C7BD517D2878CD2A16532699BCD095999062E550C6C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\sl	Unicode text, UTF-8 text, with CRLF line terminators	4BE94199965E063E3C92CBE7733DBB8C	107B274190BF6A71D2709A385D9ECD97B6B7D2F0	AD84C2A76A08DF07205C12B2C2946D1A5A0D492142894F830AD73BE2002236AB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\so	ASCII text, with CRLF line terminators	1420185CFFF9624AFEBE1BB9B9B5BBFF	48C8EEC622658FE7F64003F7737B509A25667E30	2354BB814F173DDF4BA22A1544A4A6FA5EFA7FA1D6B2C0946FC15E1C177DF100
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\sq	Unicode text, UTF-8 text, with CRLF line terminators	9DA8978E288A5E005F2C4F523FF127B1	6EDCE106BC1CB35BCB7A55C2EEC046CE9B444491	88487E5E26D793E06F173013201A6934255A034DABD092CDD27A0226F2429B53
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\sr	Unicode text, UTF-8 text, with CRLF line terminators	D06D8FF9A5C3AA2342EE39CEB8E481FD	BE96ACC56D6F8FCB960E624EA31F7D3FD56EC36C	75790C852E74FD9FDA95E45A50094FE51FF48EF12669DAD237C91FFCBDAEF702
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\ss	ASCII text, with CRLF line terminators	2CF09B8EC7E0B4EC3D787A0B960E4DC2	1782741E53BA2CF375D981764E6D34CAC432D86B	E10A8FF8AAC92720F65582B6D23640351022CCE1876AD65E12DA46EE3938DDC1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\st	ASCII text, with CRLF line terminators	62ED26049A42932CF1DE5F22533E35FC	A71B42420D33013925A68241ABD1341B426D543B	186496FF470B1D595AF37CA9E68ED81873901E58ADE3779DF817E6CD9DE46C4A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\sv	Unicode text, UTF-8 text, with CRLF line terminators	64C525436349D936E2E1341E37AAC20A	DCE131555445498CAE48CEC30347A5C1DBCF0558	DA1C35A0F62A256C7D3D09A3EA4FE953E6678F4A83BD2968BE66DD65003236C8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\sw	ASCII text, with CRLF line terminators	557337B2F2C8B7E6CE8D498D55529D18	4EC8124F49EEE0FBA7F7AC627684D20B3BF0656D	08786C899E84AA204C98A9A42195960AF3C3F88BF41D4263A29C5503AC56189C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\tl	ASCII text, with CRLF line terminators	3C27D00B5B7AE55B8EA39363A547C1F3	7162E0C09DC96DDD6A4592270C1924061965A02A	330D8A0DA61DCB129EEB9A83706A66817308E290D4C899415FA8FBDDF9235483
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\tlh	ASCII text, with CRLF line terminators	8B0F97F7B85435182E7BA6756D962909	165823E4D643C05D0DDF69E3E61EFCEC6B82766C	B22695BCF4AE27090765F4A8FEDF3D72D7041F62BFE3BCED18551999EDD361E7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\tn	ASCII text, with CRLF line terminators	309C29ADDC18ED29806B4848A45F8CE1	0D3546A47FF43D7E16390E3091DA4B093A85AC3B	1C8E57A0270B43C9ED38A2CBAD7F9608C2AD540D87C1B9F3C01BDE361D1E5A9E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\tr	Unicode text, UTF-8 text, with CRLF line terminators	D1084DA7804CE2210EB4EE97AE685996	B7ED5E209434F43C8E7CA679AFB2EFAEDC7A6AD9	1B475A0C6A4842326836367EBA26749702752C81D2DAC5D0842336F0620891F8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\ts	ASCII text, with CRLF line terminators	6850E84D940381D6E107EDD18358347F	A1160109717A99524086784CBF76532A6D83CC85	8C955278B2BE9825EE4DEE4EDC7888992B81CD4CDB3ECE08AC49A892450CF2AC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\uk	Unicode text, UTF-8 text, with CRLF line terminators	B3213D0A80E2A2DF99115CBD429C252B	67A2B9F080448DEB07CF5C63FD342D88F0699717	A3AC5FD96B38DD800DC26CAEEDD791F4AFE4996F572C4577C8CB9919FE36B9B8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\ur	Unicode text, UTF-8 text, with CRLF line terminators	ABFB6A12EA59EE22D18AEC62B677CD94	1504429C1F243E1EAEA996C8B9B4AD9EC1B4BED8	A1B088A9374CE40D07962ADFDFA500766027A8978061DEF50DD64D12CCDB2DC7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\uz	Unicode text, UTF-8 text, with CRLF line terminators	075AF0766E78F08E0B038F0279CBDC5A	C194E60E16EC3C5E1A2FE6C0F4873C1C5A013565	FE7B98E51E1911CCB7908705E15A3C02373B368C48D457F228E53DC5461654F8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\ve	ASCII text, with CRLF line terminators	69EF01875A08A3E9E15892FD30C7699F	45F3379AFA458070740C1F0E45B9C36D8E078DCE	486858BA6807696863C54E22D7473BB9C8C2ECE606F37A033D075A3869D7E6EC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\xh	ASCII text, with CRLF line terminators	6586094EF8DE2A5EAB807D134CBDF3B4	5AED7BA2EC119CED1C6E3A5CB94DFAC314312851	180EC6959A6C7150E5FAE56776B2E0B5DC7D2AF0CB53DADC175EB07AF2A37DCD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\guess_language\trigrams\zu	ASCII text, with CRLF line terminators	34E3CD3FE47EF6BC87BC6D15F4FF98F2	98025004A80A38FAC12A742ED239A3FE097DDFEF	D16E94D30790833F5D0651792927F8C0F9582C92BB5DB27D94C62C0C389F1C8E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\location_emit.dat	data	14231F90774C51750D265A3F36110247	451517BAFC401514F954F0587BA6DE156BC82A86	C85AB962501FA6A49AA2AFA8069C36C58A6B645B4269EAE7497F0850C34A59A9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\location_roles.dat	ASCII text, with CRLF line terminators	E2C4F051B579148E5BE0B09D0292CB17	9B454596349F7382CDBFB9B7B0B8265C493CD5BE	43FC427801EE0DB33B062D6124073281FF7FF7AF99B398703E6ED39090C54C97
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\location_trans.dat	ASCII text, with CRLF line terminators	839200D74A33A3191A3131BFE2B6080D	97E9B60D776194E9E3F1EB3409EB2DA4800883D5	E76F47B5C68F565885D16BDAFFB1300A05523259F6E3C31A1624F92C66B67094
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\person_emit.dat	data	388C0AE1E0AA31168DDDDE740776B7E9	467DA95B61551C3173961BC62B8EBFF999907061	37DE8E628DE5D1992DC26CF2B9AF15B0CF3D59CC2694C11DE2421C494F2087AC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\person_roles.dat	ASCII text, with CRLF line terminators	A78FD36FDE77147943450AA889E0675F	2B14298A3D728B1A799B526B3AFD6F28E9C7F3E8	4EC8054738A36E65BC054BFA90444EADCE3AF298284F681DF01DB675FE45E880
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\person_trans.dat	ASCII text, with CRLF line terminators	24E8263E98B825E148A1BFB4CB2FB493	34A970FC0DC0924F1A237014D7B17E26BDD91AE7	C892D9D7425B53BF76C2F2A90C7FDA559E8E182C9D704D7CDAF3A2BEE7BD598E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\secrule.dic	data	2EB43FAE2747779EDBCA81AB4D914A83	A2407D63BB7B6DA03B6F10D134F60C01BA840E45	2D42F1E70546DAE9E9264C13F45B6D522DCE17C742755B157A5133BB50431551
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\unigram.dat	data	59951DB4B5261D3CEFCA2F8530772EB4	B9BB96EDE0D3F993706938DE3E6A2D3878F315B1	F0A1A37CD3D4736FDF58BBB026EED1A2E563B0717CEB5E9EDA2DF08D56ED4C21
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\data\words_bin.dat	Unicode text, UTF-16, little-endian text, with very long lines (32767), with no line terminators	5FA3C8B930BA0E53806EA4B8FA62D178	ECABD1F5B63B0046C7DF3C17BE78748F0A51C223	CFEE9CF452E97DAEE2BE10F18A69B0E51322472553F169D8F4F3DFFF5047E310
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\de_DE\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	34F81FB3969DBE23E077C5D5DB7E7A7B	F89F96E6DEF4458593B54A22721548D6611F873B	CE9CD79628D5D34C87AC9448AC6B8FE1D2CCA4DB7849A271790CB28FBAD87DE8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\de_DE\main.aff	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	767C8F17506518FD5BD83F4EB68C5C30	4E07ACD1262BE959E6DBEE430F9D705A35D2A45B	5538268372406A5BC3FC6E68A27FA81C3AFF40470641B33AE29F700C02C38A21
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\de_DE\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	B28DC0187995C474E6E1CBA6C6A92F9D	FBD667F4F4CE63227D874FEA1D1897BF78DA246C	EB93E7F5555E063E5820981113E50A1C14D1AAF32F10E4735508544C38D45196
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_AU\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	69DB194A1F1DCF0A6FC84CDCE7B706CD	2369E97FCCDA7EE89AFA6D1C66F4550E1D4EBB21	6CD61F7864302E35F769B4A19E9D31CB459860DF3DFE8A6243184B407743BF01
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_AU\main.aff	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	FC610B831B84CC490116643C2794DE5F	7A41898987045262591B1C9E62D331119F5296FD	84943770AB18C88B6C83F739271CC150868E34527ABD58A1B9B871EDC595633E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_AU\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	2F90B292D0F5DCB4E7BA3998DF8F36E9	8B65E0C16D3CFDB6B27449D7B5E4BEE039F44CAD	1728C064AFEEE864A8A510CED65E4E9ADD6FDF004A541007BF12B541335FDC2E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_GB\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	9EB55A9EE913D982CC0D337BEA03BA9D	F3B1EDCAA09606A3761FF5CF67BA9FD18691DC77	61ACBE2E5D03A99122DF9C97AB22A708D59EFC5643AB012F7A7B3A80D6AA0BC9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_GB\main.aff	Unicode text, UTF-8 text, with CRLF line terminators	A68292D366D40C3FDA3197CE8A26DBA3	599182856E8CF2C31A519A677C9C33C59E26B6D7	61CC5655E3BA093F79AFC46BD25F41F54C60F2810AAC9C2E35A5383AAB9D9D7F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_GB\main.dic	Unicode text, UTF-8 text, with CRLF line terminators	46F390842991DFA33EBC13CC7DCF044F	15E6574C1E572F39ACD824D2D2EA56C884312E74	BD23A0ECCE5A89C3E8989FAB984A67B51D54567BE8F3B8894BED20C788AF563E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_US\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	80655A47848510845DA2F375D4421025	69DDE934652B0387162E57A28AA637B93A8066ED	8294C502782518AA535BB456C23CA3FEE81B0CFF3B601A722586686FE3E9A971
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_US\main.aff	Unicode text, UTF-8 text	EAAE9BAE63B305440B412A48E1653A26	E22BE4B305584C419DBFDAD2F69BFA1BB181D239	C7A8C4D08C29D237880844B1623099F59092602F189BE38CE3912E457FF38BC1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\en_US\main.dic	ASCII text	5025ADC4B7B71617381A027A02FAF57E	523AD04B6E130CC355F00CB61BC75736EA75D968	3E5DB6E787C683444903B347E7D785470218020EC1CE40D03D0EBB9B02466685
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_CO\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	79AA78D49DEE53A7560436FD0264DC7E	2909C0CF344C66ADCA9482CDB1D4F9A66C92BD5A	D36D689376127F6FC9796A40037DC28C0B4C211DA57867071F323CBB3201D9AD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_CO\main.aff	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	EC6A17B9D78E3AEAD8897541CCB50957	E6A2C68EFCF2AB57AB11B403EBB311DF354279FF	53DBE0FDD76F28AA5F58D35E39B7816226E194925EC23C43FE1402DFBED206A6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_CO\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	BB7203472206ABB359E5685B05D95E52	60F1F70D7608B570AD8334CFA7682B16EF9E33A3	630686CE014847EECEB9AA24BABA35E7CA92473C813A2766CB91511BE3E27AF6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_ES\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	2559C4AF266C845D225952E9FAC244D8	24D10F52D4C0AE2C74BDF0DBD4AFA8557315D318	81188A32B113A8D8B8C942F601A0AFFDF3D876F7774D9792738EC4394890B2E0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_ES\main.aff	Unicode text, UTF-8 text, with CRLF line terminators	61AB58D1878DF8E20F072D44A6E8C962	53B80A0EC3F4224035A2D2D212D3A593A2D3515E	0D3F487AAFE0E37BA5E13C6EAAB04E75712E0846C56908F9334EEF62BCFEDE3E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_ES\main.dic	Unicode text, UTF-8 text, with CRLF line terminators	8F5F76D52A8E77A131F6FB0329BB8670	026EF4530E7795F6F4AB30713BF3A98D6B6AF141	14B86C4F8A73E495EA86C1BAA5F4AFD8AB8D13D509870002AF36477323E5430F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_MX\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	A186E584AC2662B81AFDE1E8900A15F7	8D54F2E6B221E97FB3239BDD1FB7559AB5300742	C50E1C55BA31162DA73AB351DD9C864B63650AF2E00FD8F4494D04F484AFBBC9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_MX\main.aff	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	EC6A17B9D78E3AEAD8897541CCB50957	E6A2C68EFCF2AB57AB11B403EBB311DF354279FF	53DBE0FDD76F28AA5F58D35E39B7816226E194925EC23C43FE1402DFBED206A6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\es_MX\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	FCEBAA1953DA550CCBFA25035B470687	3176370A358791AB443FBCBDC9EA315543F7B6DF	B11C7233D512BFA91AE15A9E66C5C74F2D9FB227A384473A80480552681C0619
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\fr_FR\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	5442BBAD479E792734510943CDADBACD	B68D224995C2E0C1533411A3085D76895C30B13B	85F09DBB9908953DEA3E5B90FCE9B7C19572892B5544AAC6AE17E3018E7A0608
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\fr_FR\main.aff	Unicode text, UTF-8 text, with CRLF line terminators	A27066CC57EA0C5628FF4BB431370357	5EE844CE62F2981205A788E8C8CD9F36447453FC	4793B1234B24059609278311F83E0E1C7666F69C1D00CC3CA7E28F8E087EA5A8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\fr_FR\main.dic	Unicode text, UTF-8 text, with CRLF line terminators	A5F9AC9FCD08B682EE4772F908AF08CF	F3433450E35D91342082B13D97A157B37D733135	3AED971ACFD4FED9C464EFF0ADED69B1F902EF5E0E722F8187B24F72C24AA1EC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\id_ID\dict.conf	ASCII text	84E7BFE37F92583AC13A35E3D8A72311	266255120FA7243DD927AA77E3EE2296EF2806D8	DD7D694887A0E1D49D362637306084D3D958170CCBC90487AE47D366D9B93933
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\id_ID\main.aff	ASCII text	83DEAC7FC246E9F0062EEDA778087F14	D1FA07B9F14848A04F18A2BF59E4C5DB5F6B6C58	F663C7A104BCB1D8D9E89DD48DA09D6EF53057BDF6D12ADD2B566A9F97C4D010
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\id_ID\main.dic	ASCII text	41AD0539859A7D868B8F0F6235946F5D	0B6F2CA0EBE02A2996280B7B85DD8618F9BF6BDA	4491AF23AFEE8ADD940BD78D3CA94D3C8D7250A485263C3212787210D6883ABA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\nl_NL\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	2734F96F3E0B09D9200BB7B1CCB21589	A627529E8B038766C01AF2FF7522D88DF85C8E64	4B75DE0B09E0EE9D4B700F77C337E52E3EDEA8C420C5BB206C1D1839ACCD44C7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\nl_NL\main.aff	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	F5193AA859CA544454115CF62289D2A0	531FF77C31D3AA4D1A8DE7F036A6C73B8C483DB6	6410F28D0C2BEF378D742C6D14E47917B42269FE1FABB9DDA2D4A110E2CBB91B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\nl_NL\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	63E9E1E8E9A380452982DF27A769D923	7E722769F5EC0BBF7AA8D8629D3241B3C5A1D667	1E148CCD896D986D1DDAC2CBC7B79BE5806EAD3D1E7C89074C3C16C2331F46C2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pl_PL\dict.conf	Unicode text, UTF-8 (with BOM) text	A76228F6D90866D1F5BBCF876C2F512F	670E40AA001F9A90C515712E50CCBDB71079FAE1	94FAC63EC0FE2F1A38490C9674ECF5A3673D14B9931D9C2972DF5A424D68EA9E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pl_PL\main.aff	Unicode text, UTF-8 text	1E8946CF9A5D3610B535AAC1FEAAE3F3	7D4637A9E5C4CCAD419C72BB82645B8924DD8DC6	57C32B6963D7668F43FEE289BAE7D517F70B0344514001223116040FDDD9E520
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pl_PL\main.dic	Unicode text, UTF-8 text	976338981B4D977B6DB8E93E794CBF1D	81144791D4226D81FAA73897D6448B8F78C4A853	4A31F54F3046E3D0C2E2D9CB92072199AF0AD00D0104912D1691946774DB3906
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pt_BR\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	C404EEBB7BFA8657E2E858C6E367450F	397AB6F291217C8CEC438FDE4C882D363A0C293C	DE937AFCCAA7439DE68946BEB5F136F8F2330C4D98DB2562DD597796E7310CC5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pt_BR\main.aff	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	D12108EB9F88BFB5AAB19E418F77EBB0	29389431FCEFE82F7A58038399279C9B236CC223	5FCDA7A9EB421533ED8FCB31A7A59D80D5BAA32C8E75DA72B10812D55AE02424
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pt_BR\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	96B78A15FC850B63E435E23DEE6A74AC	A6659C14A23C011F17371900A539287D57DB6CA6	4E1E31B9CAEECA3ECE6C85F0457F70314CC452A532571DF3C6B1266DB50FAC34
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pt_PT\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	3AEB0F8FD6B6D47454BAA0B9600B9169	93275EA60D0FF81FD9F843E6C497AD31C4E65C31	89258DB00F3A114028A5E19B48B1F0C9A45532D9C1DEA560FA230995AD827FC6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pt_PT\main.aff	Unicode text, UTF-8 text, with CRLF line terminators	D2611D4A4D2EE124244AFC8F1FC1381C	93D945AD84048181237A87F74FEA66BD98F782EC	9B08E2F7B5D08CF5080FDB3938185B641BD588D84D7F19661DE0D177D73F5256
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\pt_PT\main.dic	Unicode text, UTF-8 text, with CRLF line terminators	2CFF2285A8E1008BC672DC085332BA77	8FC30405C816E4CD1293372C5B6C4F703F8498C1	70252FE4E90B96508DF53CC51BED691C4C8E2429739744539CDAC897C265FAF3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\ru_RU\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	C33D241A6FECEC8F13590C2D0627F8FD	D765D1CD696E848F59632C3FC93915AD5906F485	1334BCD1EAB4DE1863A3B2CD23F56244EBDD38EE1AB805B8D64A696CB6B14354
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\ru_RU\main.aff	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	4D03BD1DDFAB38554940BC4F65AFA7B1	5592A37A94803308B3774F08488E0CD18EDC4F1A	4C232A7BDA5BDED2BD20611FC07429E708A4D152F77C6B286FD5F311F98D9CB4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\ru_RU\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	A8D3AA84A0808095D832C3BF01B4980B	7B5E0453CCAB972CFDAA25EFF7E6B99567C4ECF2	6FCC810C2E81E41919D3E584D01CF5C9315182B7197188E374E0E55AB49C764B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\th_TH\dict.conf	Unicode text, UTF-8 text	5914D3A9EC35CADD79B2283D070FC476	A201D7D6FE1875461963448AF8155FBFDD37AE59	CB68E1B33AC43717773D43ABFF1E20B869EF3AFA7045693CFBB328407C1CDA8E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\th_TH\main.aff	Unicode text, UTF-8 text	49170FE0A0425D4F0F8BA552062CBBF4	99C4D5C4D44DC49686F470E09CE158C387E69F2E	A4081234266AC3B850CB80748C597445D5000797290F707AFE7953F3C86FE363
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\th_TH\main.dic	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	52A9CED875E8DF19D8C7BE03A12707F4	E017C6EF7458C5BB13A9C23BED9D6A19B66D4E10	E99AE34A607F7C65B94F360B092AAABA0838C28C285531E76BA96DC2A415D250
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\vi_VN\dict.conf	Unicode text, UTF-8 text, with CRLF line terminators	3E0D0BDB7B8348605252AFF62494C658	A610B9067DB5A87A7989760B1A9064B94E80F305	CA469677A9D777F1CEA6DF2E1B7C54198A2E1AAAD6A536670F6EDE561AAFCD93
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\vi_VN\main.aff	Unicode text, UTF-8 text	EB3F629ED55D9DAAD1770ADE24F23EAB	F68977B4DF9F02AADFA4334EC87E0778E0FB402E	B58B31BA3CFBF1C5A3730F2CCEB8652604180770020F291D2CF6C6FECC9721F4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\spellcheck\vi_VN\main.dic	Unicode text, UTF-8 text	F61131188ED253283AA6697F8F92371A	4E44B8CD1AF351739CBEEC484238C6F440C20AE3	21D59C8385D2AC8D708BC5DFE83B62753D7769A8B2C9C38D319CE5C57BFBA0C7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\de_DE\thesaurus.conf	Unicode text, UTF-8 text, with CRLF line terminators	901AE8E36A210522F952BCE8E01E91E3	C4AE1A8AF5950A9A7B0A7EDB808F6A2ADFF41414	EE694B14B866971A3E11351E0F3AE2D47D9946168D42E008E8917F71A4FA8595
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\de_DE\thesaurus.dat	Unicode text, UTF-8 text, with very long lines (1773), with CRLF line terminators	2A5E1342A2516C13EA2AC697D4922E18	AED1EDC1ADB095A685D2CDB3ADCFC3EA5F3F42A5	A7F395E662FC38CA881E313E5870E41008974565267006AE63670C0A68ED6D1C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\de_DE\thesaurus.idx	Unicode text, UTF-8 text, with CRLF, LF line terminators	26DB63F1EFE32F6A11A801563900E2C2	674DCC759C7D43158585F9CA7E56741649483D9C	446E02F24E62391B2713908CE8D6D4E8D490F5D3D79FEAD8632178FB5B27D5E6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\en_GB\thesaurus.conf	ASCII text, with very long lines (362), with CRLF line terminators	244711C80560B7C283AA76D4D9837432	26208020D7701C8F6BF1786FD4BCC6C340AA6CD9	743FE5B080FD7EEC55744D57FCB8597C08F0BDCE3F2F7A04BEC2CC3073A584DB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\en_GB\thesaurus.dat	ASCII text, with very long lines (447), with CRLF line terminators	20272429040C0AA15AA786ECA3F8C57E	2670C94F56156CCAF04155213D04AAF1D4AC1C04	42C50F41B0F12E20CF0759C7D6F01F31917310460F81F00172C32E2136A40C94
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\en_GB\thesaurus.idx	ASCII text, with CRLF, LF line terminators	5D44671943055F4959B0F7098EE6DA44	FE04C6BCEA976AC5E488295C0F9F76912265F70F	5827FCA24059F222AB96C46AB5A94D389615C5A0CA9FFE32DEC81C8FBB32A983
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\es\thesaurus.conf	Unicode text, UTF-8 (with BOM) text, with very long lines (464), with CRLF line terminators	010996AF46F2578478F26E9DF58BB1B0	3EBE9B0416C1B79A9B8A2532A3A90EC91EE321A0	A9A7C99959D93C4AEE5A6D85460C86A100B5FFD30F5A1B39CE19E0736BF6E777
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\es\thesaurus.dat	Unicode text, UTF-8 text, with CRLF line terminators	F0FD35A8D884CCEADB3CAE3A23ADF8FA	6C8E35C230948F0F0FDB3BD64DD1D54ECB6EE880	35174251341C26479219A1B52C1CA76116F2C8DDE9D948C4590FC088110218E2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\es\thesaurus.idx	Unicode text, UTF-8 text, with CRLF, LF line terminators	F2329B77BE9EA6AC28BD678F1CDF0409	3446AF8B2A47BDE35C3A577EEB775A1CB0A9364A	A8EC476F373ED8231A11048B0B2AE2BDD51B19565B40AE624D3A605DB5B1F61D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\fr_FR\thesaurus.conf	Unicode text, UTF-8 text, with CRLF line terminators	FA7300C5452BCE7B3A064B5A6CEA8081	57FC614B15594C09563B8B65362893DA8BA594C0	22047F684BA2DCC1A6DB2FB0B9E010036DE84CE89E0F9702615C3C4F1D3BCC67
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\fr_FR\thesaurus.dat	Unicode text, UTF-8 text, with very long lines (1283), with CRLF line terminators	A0960F8534CEDD7CB611BB406849ADCD	DB1C0911EA18F0A8600CAF5B210B4D64389A839F	A3430BB1313F0F04CF39B03BA2782F0F7DE2CCA3E9B8CE4EC05C04273AED6427
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\fr_FR\thesaurus.idx	Unicode text, UTF-8 text, with CRLF, LF line terminators	A5C20CDAC0EEF69398EA78549F534B86	05C82E598ED8FE4C5CC10B180401B64A6D347836	7197D67C60C408A861A00A03DF30E69573E15C6D62905785AC7546030E69CAF6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\pl_PL\thesaurus.conf	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	37DC4FA078C213E1771F7847AA3050B1	2B0579C5E52209E8ED9926240C6DD038834558A2	61FA2F2D520B537EB00DD0225593D77FB4ACC2203E3070E4B179C705FF039AA9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\pl_PL\thesaurus.dat	Unicode text, UTF-8 text, with very long lines (317)	039CBEE7DFB27C78F29950A754450EA3	209FD1DEECF8A8D5ABF89FE688002D5253972E82	F8A7A03D1C4B36A0EABB6EB1BAA5B784B23CADDDDEE1EE7D74C2651BE373181E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\pl_PL\thesaurus.idx	Unicode text, UTF-8 text	0F589BCA13C836CACB9A51D85124E9B3	3033A8C02CB951A732E2E4666F29079DFDAFBF5C	7E50B49CFFF9D451586A932FE133AEC380DB8C30627B499EE1AD4B70D09C05B6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\ru_RU\thesaurus.conf	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	4F3F90A607E91394C04B8EEB75128982	B5E9166616D02496B8079FB21935C48248E04D5A	0866FA2F11760B49D3C47B5CF8E1B98BA175B5A0FCCA1F777F68A15333BC549E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\ru_RU\thesaurus.dat	Unicode text, UTF-8 text, with very long lines (364), with CRLF line terminators	DCE8F3D7C5DB10A780F5DE78ABF54458	F4BF7BA81221180C7BF61D0D9C64E9EB67FB4243	F7C7C66B2660E3EEA970E6DEC4ACFE56AA491C69477805B51A7AD8263A918F87
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\dicts\thesaurus\ru_RU\thesaurus.idx	Unicode text, UTF-8 text, with CRLF, LF line terminators	6D5C28ED9301E9B604A74BA188D7EE7B	E2766924F35E395E0E23A8C158079BAD5C8968ED	7D5A953E03B1713C30C1B75B4C3681C1D8F14553E6E5CE51278CA8B16FF96D27
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\document theme\theme effects\Adjacency.eftx	Zip archive data, at least v2.0 to extract, compression method=deflate	4EB3F9D0247EE4F58C3F3DA71FA60893	676DAEC789FD4E249845BBB524723C2CA8B43F20	CF275F5ECA4784F02345922B15ABF7717E63A9929D804F2A5E6A1D265A1FF160
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\document theme\theme effects\Angles.eftx	Zip archive data, at least v2.0 to extract, compression method=deflate	0A931D8406EF74ECA48CE23985F8E4AE	7C603315002981948545811C640B63FABD821C7B	AD9E40FCD0A3EA06A07F926A052AB5070AAC2BFF884664351FCE25AE36973F55
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\document theme\theme effects\Apex.eftx	Microsoft OOXML	DEF6797E20E3B3DA04FDABBC318FC6ED	EAD4510EF01A86E911EB6B452819CB5A815C1953	EEE5A2B6A42443F527AE990193EF8B9FA444194BEB81A0625BCD990FD50B02C8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\kqingaccountsdk.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	81ACD7BC82B62E180F4234A80539DE8E	3B2C31110B49AE31C7FE93DB58C768843F6C05C8	34DFF81D4C93117BC3903A0F00D30C032FECBFBB9B41483790D2AD0DFFFBADCD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\krpt.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	8E8487CEFC5F213E78B6DD8EFD24601E	66C40F71588B5B250E2A9A5521853DF011020031	2AE8873BF288197A8E9378DEBBA540809DC485E3B7D74C25EC2C2E7CE8A559C2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\krt.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	FD7EF27A8780754D160EE2F70780E62F	41C463D3A38704A2E3B83D01E73F225F14C1E219	BAFB2C6E3B0DC17F9B487EC50904300E2D0B3DB865471F0D9B0E2192EE8BD0CD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\ksaddndr.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	25B79506CF20FA176253C96C49BAD577	97113DFE59099A1C702F885A4A2370011161ABA9	784AF4EEFB1D7320059D31BC69E90CDA2ECB7CC05D862DE92D24B8C651057A65
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\kshell.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	8603A85045DEE666F1D6005D9A2971E5	1B4ED0A58D4FD64A6053AD5182BBAE332EADDE9D	CA738344B0B9655203E3135C57EDD7505D293833DEF2CA888AC0726993D1D25A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\controldatetimeformat.cfg	ASCII text, with CRLF line terminators	5E5B427D870E02AE356DC4FF70381281	D73D59703FB69527F79CFAFBC95FA6F8A9C0D400	83BCB790BCC168DCB563BF45059CEFB6A4381AD237B1B90813969EBFD96D066B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\datetimeformat.cfg	Unicode text, UTF-8 text, with CRLF line terminators	8CCFC89C0BE5A418A3D1CFCE3CBC8CF2	09EB20F0602C56E37701725B441A7A0B8A86579F	95E3FD94F5A3946BF32B1CCC51E4ED40C09B52DED7543319C70B4AEBE4AF3FED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\downloadIrmUrl.cfg	ASCII text, with CRLF line terminators	46CCC9FD84D15D542019A33C2C7BAD6C	E110E9110CE5DDB97D0145D60F93ED5F9D7515F5	EDE6BF9D7633C7DB2261178292852B126B4A3D3710F328589AA05DDE5183B7C1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\envelopesproperties.cfg	Generic INItialization configuration [Size 9]	E7BF087066274D7DBF556159BD0F67BF	7AAAAF9E89AE5EFD51E5B9ECB16FD97F59FFC5BB	F4FA5892989BE047BD222255CB0704D4703A643C89C541A44AFF279B80B41C1D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\idstr.cfg	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	8B838F92C6F1556229392A45338C4FA4	50281BFD71D578A3AE73C69FC4E24557EDEBB29D	25792D695DBEABF4495B4F48E989580AD8E849E393880E5DEA6967E19C128A55
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\numberformat.cfg	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	8C73F55406BB40691CC89B7F5E156569	5B39FC3359A8BF708BF147C3AC22DE23CFF81C37	1A0681C31BDFDD9C6868897773D578A130F79D90BF2F3EDC60E2E58FA1C4F6CE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\printpaper.cfg	JSON data	77A1734B96CA039829FBD3259ED7080E	4016C01C2642FED819E21FB42C364FDB45A16FC1	6FC5ACB41DE7CA0441C8C70B95099E99C8F2E12A74DABAD4F3F96A3E24461CBF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\replace_as_you_type.cfg	ASCII text, with CRLF line terminators	57B391028A64C5DFB0AD1F8A9227B254	4C2F5D89C2CCA85442903F31C687ECB205735FAC	00451A986862F4ED76C5D835AB7DA3BFB6A1468AB49E95AFE6B2D33C5B345EB4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\wpplist.cfg	Generic INItialization configuration [BulletListGallery]	D8239A64297F51B79973C4893533673F	9CEFB5063BD2EA7AF333D922368DACBFBE87860A	FFBC24BBF599AF6792A88FA6C47B65024754F57D08286EEF40F14AA2CEF3C385
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\config\wpslist.cfg	Generic INItialization configuration [NumberListGallery]	29635E3F7BFE341FE93C152DCE5E418F	2D94F497944BE94D52B82543A196210ED0FCE3FD	1A953B076C1D1CE4CCB793DF96263B5B508631A752D56CA79B89E231568017AA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\bksound.emf	Windows Enhanced Metafile (EMF) image data version 0x10000	04E3A7B8877CAFB4B0D6FA24B52DB970	410531CF31542B8C32609B787BAD222B09D2D1BA	4B5A145006541D76AC6251E6F7FC71B46B49599E4286E4AAD041FA4D12664785
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\error.emf	Windows Enhanced Metafile (EMF) image data version 0x10000	B02FFF978033048B4D76FDBFB9828D94	D53F840C26DF17085FB93E4E30D48592C5C83E49	E5A9906CDF45791F9BE68CAC753E24BA4116BF09BE95FC2E34EF55E121BC698B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\sound.emf	Windows Enhanced Metafile (EMF) image data version 0x10000	09246B9A1E0B54367B4CD942804BA3B2	A91494A4844D72D1B84BCA389C796B50D15C7B59	ABECDF272343B04C0BACC1122717480F12C43EA41ABCEDFCB87BDCDC25353818
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-34.svg	SVG Scalable Vector Graphics image	D48AB968B191D9F0161870B76BCE00C4	9CEC4B5678E4F87BAB00F1EEE2CDEDD755A7ACFF	9151F7BBD747F2B07E5053B5820899506BEABF873A72F44913BFD262F1FAC223
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-35.svg	SVG Scalable Vector Graphics image	0097E9B6E046A36D0E7480EF8EF42027	95D9BA94A4E3FEB688ED7C7F38AF3C3148A0CB6A	FC666F26609C833AE32F3D9348299ADEFF92FFA9F6B8A568578BB62CCFBB29F1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-36.svg	SVG Scalable Vector Graphics image	F6E02391D4CA05C7A729DD48C60EE356	717DCFBF5EFC9B20CA311D7111152D64C14E64D8	590508C8D414C8835A52F3932D969284D6C2AF638D15922875734521F9EACB1C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-37.svg	SVG Scalable Vector Graphics image	1E5CB344EF85E5E7C2CFF2850F491ACF	E6148E1F060DFDA3299FC3FE91F39DB54EB0ADEF	CDCDFB3D594229A8AED4E65153B02FAEE2A81DD1485BD689D40E9C1118F8B1C5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-38.svg	SVG Scalable Vector Graphics image	E1FD5243735D8A713BF01884C54E0006	D953332480A78B1EDD249EF6F437192ACCC11B9C	BA9899970F4C5EC44740F389B19C5E9137E840ADE6B3E5AF256B178A9BA5B97E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-39.svg	SVG Scalable Vector Graphics image	0E9BB58EF7503AE25414F198513185AC	0C45A099B694495E6B806C3FE5E47CFC0D605CF1	99C6F8D3F0D8F1E0EF534D6B93688A67EEA3A8569D33370EC7D2BBC17EA57D5A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-4.svg	SVG Scalable Vector Graphics image	63F59DFD68CEB8F8A9B1F9950A9A3F38	849D76CF062D36A61B5D46D1F789A0700FD79836	C000DA73A420BB26AF8BB4CF9D1E8C02EAC33F1F36CBEAEA237137305591F196
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-40.svg	SVG Scalable Vector Graphics image	E1A3A2801FDC5BD382091EB8644122F2	7869E25685F8F0AE2ECB9D308A900540768A251B	C044987C3A42C92DB150CD33291927012C379846AF5DDF48BDB57C6313ED8B57
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-41.svg	SVG Scalable Vector Graphics image	CA21CD464EF420B7E28253F20E149818	5D0EC615A63A2E3670C37F68A4CDC947BFE9CC96	246FEFFA687FD606B131B5850843DCAAFA1C2FDC10C65CDD7CDCBF3D4B44E887
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-42.svg	SVG Scalable Vector Graphics image	173D9DC3FBE729DBE3F1D3156F6F5231	257AECC9042FD05CADC7A5CC4E48FF17897B3FCC	E3EF5550783EDF7F58BECB7AA48C09E1915CA058496D781959FB1CA83216D4B3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-43.svg	SVG Scalable Vector Graphics image	AB190530B66F4EE35CE6F39C47C73BFC	11810ADDE1ECFEC3FEC1EB2C2B010CF950FE3858	CBAE2F7F915527598A7220125AAE37E9B8AC7CCA14EBA8295E4102E3995C10C3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-5.svg	SVG Scalable Vector Graphics image	EDF40C145A4D3CA1A0630FD27CBEB65A	FB9B3303B3C96E7A915AAC9D9794B97A4EBB62F4	63B500DE8DA33FFFA9AC915A8BDAA7B93E5AB5AC0E0D9FB491DBA1B63EFC4DD3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-6.svg	SVG Scalable Vector Graphics image	8DAF1EC5B2701ED47100B01277A7AD3A	55EEBAAD54CA84159FB211273DC19DB9298AEEA5	A690E1AD44E110C46E026AFEA81D604809E54991A9003A5F551464896704522E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-7.svg	SVG Scalable Vector Graphics image	EC6291CB5450CA9FE245B6AC5339F805	ADE6D17916773C73E2B219E6D7D6091BFEF0026C	4E41AC85AA582FAC8098F808D1F16ADAD67BC60272B0D2187676954DD74126C4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-8.svg	SVG Scalable Vector Graphics image	04C8DC027EF3CD94F6EAD38298BE810A	22654E5491943F4E8AB95A9336EED28B41CF84B6	3F9A9180DE1FE3E9C720A77ECF62F026C1355E78B87E6C8D7455AA45FF51AE66
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\BasicShape\bs-9.svg	SVG Scalable Vector Graphics image	99F21478270CFE6F177FEA32D9B0E904	1ADB3162629194C168126C1E7F346A33EBB8C01D	0F8392FA21795DD5E2EDEAA3708D55F7C004E3D1BCC17F790F111C9D40811819
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-1.svg	SVG Scalable Vector Graphics image	F5D1915E347FA265B5878D9550F34CC2	27150DDC27617E12E89B610D95EE9D9C6E0F0F5A	5E80585C50683DA52AC01E7003C2109E7A4C4FD169D4D98926998724A14EF130
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-10.svg	SVG Scalable Vector Graphics image	F2525843459FA57F369D407941494AA8	D9BB99815E038EB3A93788C1AEE2C0874D5B236C	C3E87A991E009AAEC687C1994F186926538F90D65B7EA0CB1D06D266B3FCC59D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-11.svg	SVG Scalable Vector Graphics image	70C35A49452605FD5BD2F03E8A3E614A	83CD48C145D8E3FECC875FD1C3D00CD976D53E41	D26A0B4BC9B3A5127582DE934F8750D9F413E1C67D2565077E64AC550A5C9F0B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-12.svg	SVG Scalable Vector Graphics image	06DFBC9C2A4E833458242AAEC7BAEC2F	E167A6F231BBCCAAE8BFB9B80718BAE0A27FFA37	9D9EF4B55C0AA3651108C3847FF7A7C656346E4B20DD2049A903875EEAFB5E5B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-13.svg	SVG Scalable Vector Graphics image	A31F106F50B0BE7143E3DF16CD583A27	4E1B2B7443F6CB75E3BA304DD0402693FBF912F9	6535B2BFEFCC68553619932E0185662D8B8D45D0A4D4FAA3DF0625C53B83042A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-14.svg	SVG Scalable Vector Graphics image	4854FDD535209C910D4178B5BB78122A	23CB07DADC25CD532818FD8B9AF3AEF8E79E2BC8	29354A0B8E4352D4043ECD2B8EADF1CCE1D8D223663A29135112E2397A6C0016
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-15.svg	SVG Scalable Vector Graphics image	B8CA332D8FC4129B92F30E84752BC856	C6257FED1ACF7A6C7ED74B1C1E3B16C3DC55D44B	98F532EC0DE06C552355868439BB7D338612E7261D07C5455958B1B63BEEC22E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-16.svg	SVG Scalable Vector Graphics image	0C2255CC4FF98EBDF9262B0A59CDB561	41C17F9B2BC4358E68695AAF3B793AA727941AE0	3B94967ABC50AB843C353DB17C7F8415CC9DF0AA9D30FA258D0F0E11096712BA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-2.svg	SVG Scalable Vector Graphics image	89617F7CA3AE38B088DDDD02749879E4	901808899BE9E7D4D9255ECA0E40BE5F7604D554	C6350A9C3AE010B26DDF2545CE0627686C6F851C450D3F07DAF0F9E68BD08635
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-3.svg	SVG Scalable Vector Graphics image	CD8130D607072D20C587EE7D67F5D6A7	38F836D3633841B59E5090FC8EC4A32F1C28B239	A60E097428CB8EEDB1ABE3B931B8F268B86B6DE71BA254078F5FB1E56D4DDADE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-4.svg	SVG Scalable Vector Graphics image	8187054AE4FAAEC8273A1191E49CF997	3FA3E64A11DA4F9DB20A74F41ACFB2FFED76D793	33942162B062E9E679F269BBCAD787C02D1B75F85F77A1F301AA40D967F25136
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-5.svg	SVG Scalable Vector Graphics image	9C6A5A8AB0AF97B0D0FA1F10970081AD	51B1CA8853F89397C6A95DB9DDA478F28562E72E	376CE02B68C3C5CA02B0AFC8E321EE477EB379E5C16E061CDFCAA1DFA68D93C7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-6.svg	SVG Scalable Vector Graphics image	8D5024CC32FEC65C6B94D85DB8A3025B	27D540871D9A96C37D8C3A7634BDDD35ABD6529A	AB870A5B473873604B3423B665FA916544BBF50DBFE1BBCB403B68494471BCDF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-7.svg	SVG Scalable Vector Graphics image	BF7963E66979184EE74DD15204F2A198	989D4F820C5FC2922BBE2CD4A0F84F65AE4FD063	B28BA676FAFA6D113F5AA91846ED5AEA7D5DB2753535657F6DFD05A2731AA2A6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-8.svg	SVG Scalable Vector Graphics image	BC79EA06CA792003B1249D54DA3D0F35	7BEEBDE74E655AE4B89FD1910B84FFF277CD3FFC	A0182DB44D6B92BB40B5F5DAFA70F037E7A615862147FE503E640E205C8D702A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\callout\callout-9.svg	SVG Scalable Vector Graphics image	CA70685F089D431A09DD245C54D88938	8B4850A6FEEC1001640A768C4AA38A89B3656B88	E0BD04C46EEF4AF32DEAA3ADF3C81A39BCFB2F5025355C1DBB1C4AFB92A1340B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-1.svg	SVG Scalable Vector Graphics image	4821EE2DCEE5D420D7B1B58F2545B8DB	EB301FAB2EC0B27214CF53072BFEBAF984D6FF7E	A01FF3482890033C03CAD6FD19DCE80AC0E7E8761B535560079E09BEA6E6E342
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-10.svg	SVG Scalable Vector Graphics image	DF6347DB8D2E77C5460A2DEAEB3FD21A	10412F5C0F50CF9B85D9BE35606E80069A524DEF	26F7E6B55AA066CBCF99C60B37533FCC9580AFDF0EF2BD53CFA74B42EAF7F2A0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-11.svg	SVG Scalable Vector Graphics image	75302ECBAE1C38C0278A50B00E32A3BA	3579FCB6E48A6A90413311B8E2D748B496DCF2D4	63D3310FC93CC9E24468AB75855F1F8E5238B9FDEBC0EB9BC8DC53BFDD5659D2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-12.svg	SVG Scalable Vector Graphics image	8A62A151C9E25DF4B3A51155A1AB76A4	6355DE08C73E4BB9768865ED28F639114561897C	FE61FD246323270E59F2BA4D65D72F260D741F434BCC8F4717C6ECE75FE6659D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-13.svg	SVG Scalable Vector Graphics image	951C4C51C3E005756D412C8FCA03474E	95771ABC21A2D75943A1978AC431B7A1D5AD4689	D6CBE3043F7AE1FBB76F78821FCC346956EF8F550200EF913321D9D91FB237F4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-14.svg	SVG Scalable Vector Graphics image	287188843788B97211818197AD47F863	4F72CCCE3A21672223F62050747A3DF22CC73001	DA6C27685846048403780F329D14F7F226E7D1659B6EBEA999D8910CEC156105
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-15.svg	SVG Scalable Vector Graphics image	74D6EDB6F4DB45F0726CE85BABA649C4	FDB11EFC73FA2478F1A44876CE8146CEC90E0C5C	54E45FECDFDEE6A9B647DEB299D7D98CD92C59B41F1523D5B5510C9A1C396F90
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-16.svg	SVG Scalable Vector Graphics image	D93BA6FD93F6941654FFEDEB864607B6	0F91723ADBB84EB754C5D0E3B5F4BE17D9A0F519	658D8104455C891B2E55E778D1FC96076A3028A114356E39C3518CF859CB22BF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-17.svg	SVG Scalable Vector Graphics image	088F3BD2B4BC958B89A1971AD2F4D2E6	148AB9EBE0D038686FB9F0D1AD876F5976B36754	32E4FAA27E7394DCDA585D56137EA70BDFA7A786F568007081F4884ED008C60D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-18.svg	SVG Scalable Vector Graphics image	8A5745D140166B7815E2DB806A66CFB8	9977CC0BB08ED5D2F85BFBFFA28378C9CAE7D260	B71DDFD230A60CA8598F93DB1D1070C0C4B491492A266FDE2D5B687A37EDB99B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-19.svg	SVG Scalable Vector Graphics image	53211E72C2CA991DA94EFC0D6448F42A	1A9CABD9291124AA95133CB8E442FCE3309CED03	5C0E8E07DC87E1A785B3474DFF40F262ECAF1AF6DD093547ACDABE82F77E278F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-2.svg	SVG Scalable Vector Graphics image	E93453DD5997FD6BB65C70BE9601EEB6	BF4F7850B5F2559D2717821448471F71EB5C4237	FC15B61B1AC07E8286C18DD2994154709DFFCE0286F72604F150E0D469BC8672
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-20.svg	SVG Scalable Vector Graphics image	A8A663F84C8BED5AFA73F2688BA56375	AD4AFC12B464C93304B604972D10219E803B515B	8FA28BA5202249DB22581B56AE1B29F133F63F269199100C64C118A78353E3BA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-21.svg	SVG Scalable Vector Graphics image	8C07BC68B1C12439ABAD5D885BDBB2F5	95EB72BF706B3A9C6B360DB1E122E31E6E0D3719	C1906A7C2E8EAA33910F2451AB599D7E6129E40B800286ACF10B78FA636D9378
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-22.svg	SVG Scalable Vector Graphics image	E1A275470AE202A490FBF7D41C9AD5C2	6B5784059E28F2402C00C415607397F349E58969	2C3FA0CE8D0F90DCC899A939837AAEDE54224CB810216C45A05ADAB808FD0803
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-23.svg	SVG Scalable Vector Graphics image	1377C90BE2650711FDDBE0CA3EB50613	048134CCF397E8F259F319133E187E87D5B86DCA	0B0936F5B0761885DA6A0CFA28CEB1B9FA3B58F327918F455637FCFD72C5330B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-24.svg	SVG Scalable Vector Graphics image	C80A0815D690A560A5DE202DF0ACB5F4	F226F01F07CDEF4BA47313F368F8C50F4E86F01F	7A082AC2EC446B7C0ADD5892529E5B9E3CBCD5FBD6584A0C8DF5C968C81C4D06
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-25.svg	SVG Scalable Vector Graphics image	D2AD088D2AFA12E270017E812B7DBA24	57B7C7B8763390573A22FD306A8C82E3E88841A7	D6A83C1D5C15B685B5DD2171C2265EA463EC66FB47FD322FA866046EFF2507EB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-26.svg	SVG Scalable Vector Graphics image	3EBC517ED1A873923DE72A1F99BCFFF7	6CEBB4E4574D77919333AE914A8E280E831EA08F	E8E0E02D8D6E04E93CF6E02E11D71FDD2B14C4158FB6EEF78B246367E745F3D8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-27.svg	SVG Scalable Vector Graphics image	0954A8FBF550C6734CD92805C5CCBF8A	62AF4AFB9D0D10E448191544AA1A842574B9513F	8BA204AF8474904C892F2A4C2C584F1D263B1A1FB4CC71FA2A893EDF851D8A1E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-28.svg	SVG Scalable Vector Graphics image	36147F12D49E2CDFC708128FB455EF37	2A704E297E46A1A1031C66AA7DA3509C6E7425E2	72C1D386389FF831235CD4B9EBE9CFBA04D3255B9EB0C864B52AC22563206F1D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-3.svg	SVG Scalable Vector Graphics image	A04A87E4BC28F7AA5AFA9616BBD33820	BE0346BA5A73AC778758F2DB5027CBAEE429293C	51DE9CB4821D79055BC3C066A6C29490C81EBA4EF8A094E84456B0F52AA32B8E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-4.svg	SVG Scalable Vector Graphics image	CE1F6E2D9481D9B480CF561C5B2D7096	A9AC771D50C97CBAE40E8720384A7BE9020AC693	D8738B458EB911D8A2E8C3FE1865273CFB42B771BAC128DEEADD7877A7DB4303
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-5.svg	SVG Scalable Vector Graphics image	819F171A011C1068244D872DD1760E16	C4C125E27C81F84BB80DC579878DD8C0FA90E0C3	8AA5CE2337D362E2C671BEE10533C142D5C48FFFFD4AA11FA6C4B88057B9107E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-6.svg	SVG Scalable Vector Graphics image	8AB1E4A4DC37BBA563FA0BDE6C3C7C10	3115877DBDFDE7A55CE81F3F73512845888DC725	6B556AC35C17E8D136C4500ADC25DFE078C32579B6A5117CF50E8339D623E886
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-7.svg	SVG Scalable Vector Graphics image	FDF7BFD8AE32EE96BD323E7F5E2D9C51	F57F999EFEF454D46B0A6D9CCA635D85D4A937BB	EE76FE01592D44134C542BB712AF6623EC172D1C9ADC170440ECF98C103CF0EE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-8.svg	SVG Scalable Vector Graphics image	22832743719D51444F1E1EA0A12C177A	D0C25D0657D51A88B01209F5B2029DEBA42CA33E	3073684F05F3DA22A0CF907F1BCA843D6C0B3EE79DC7D8492C3ACBB6107BADC0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\flowchart\fc-9.svg	SVG Scalable Vector Graphics image	65C2CB8E484978EA15C703A58BC36594	15209BD1A5F2F74C0DBE0D651E0020E67F34471F	433F0B3087B303B5DD0DDB4904DF3BBA8A8BA76C66A1693E8B05C5E81D8B414D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\formula\formula-1.svg	SVG Scalable Vector Graphics image	76B5D61EFB6AA0A817A8AE9684FDCF92	563E47CE18212D7E8F81556D796D57DE665021F3	952EB050823157B2CC840ECCD2D5ECD52DA4D3366FB25E242A6106CCC8AA5D22
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\formula\formula-2.svg	SVG Scalable Vector Graphics image	6166EE9AB6F69AE3B68C285A097C5F67	2AA49A89DE21AC3FFD9E97D8638709B84942339C	ECD36F393AD33851A773E1C1619DF220890DB2FD7E31D51AE3BE6E6209239867
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\formula\formula-3.svg	SVG Scalable Vector Graphics image	866081FDFC760B20D27AE37FF901DE00	7D4497C8DDD97DF2C00D61C5FCA6DD8975AA3468	5C92E3FFD337231886D6B5EA9D988D29B9B93A2D7CB97205D8BF63B3A7753E7F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\formula\formula-4.svg	SVG Scalable Vector Graphics image	89A728FFA789D96F06F2B27BB679DDCC	3814CB8E9AC286425BBE258EC4B2AB4261E120FB	887DBB6DEB64B72F53972C0ADD8DCC75CA71BBE5850C51CE99C100BD3F6DA7E9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\formula\formula-5.svg	SVG Scalable Vector Graphics image	0CCEACB3F1D3FFBC2357DDDD19F9C52F	A45C936BFDB37D830FACF027EE7CA4A958280901	1448303738EBD87D8EE231B170CE6FE6732E463B7D9F01009A51850762AF19CF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\formula\formula-6.svg	SVG Scalable Vector Graphics image	E0C7E6DAA67222A6A0B252CDEF29B12A	3C912F91716A8B2F5F981E86D104760C72BA1ADF	B0A2EB68DD20B3D8CB6E7994302354CBA976D706E89499C4372878666356179F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-1.svg	SVG Scalable Vector Graphics image	B9C64F160E4D595DADE483C1F3D0CD27	F1E9FA68FBA936BFE606DFE876D41A588E110664	C5B23159415A69069855AD45D1A2D7E69F83240CE224E58B274A9C12AB05BC61
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-10.svg	SVG Scalable Vector Graphics image	1F0467BB4101D46C78A03B69CAB5226B	0213988643D3E55BBBC4236373F46266770130EB	FE131F130866F8E68FB5051354DD61B467074C58ABE615B727BCD11F70C5FC7A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-11.svg	SVG Scalable Vector Graphics image	C7CE2F6308483DB1B8E6A9F5B0448FFD	B8763E6B7E735CED63BC20DDD8911FAFE915D2BA	45DFFD09ABBD055CD434FA07F0E126D829FA231B6E4B6AA9013EEB5DB26F35CB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-12.svg	SVG Scalable Vector Graphics image	50CD16113FF5410E70B91374BEB3DD4F	0EE968CA6CEDB99A29F32C0D07A10A687B18EC1E	137F1CF84739D0D37C35D0BB78AB87CE1367D86814C918E28039F8545B78E0DD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-2.svg	SVG Scalable Vector Graphics image	B027F7674B7DD327E92985937842A405	AF4C91B5E1C7080BF5A5C9831C3286232ADD5AD9	ADF8DA5AD29057F5EFF8B184A0433A2613E7CE0F4EDB89C161623EC03D57979C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-3.svg	SVG Scalable Vector Graphics image	D4BA602AB6CDEFAD88E53763495A7575	B8637E2E19496CF88D6723328B719CBC108E473B	FB74DA57B833F8D1967E00472B8BCE756042AC9CE6B7A5470DE23F7C03182DA0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-4.svg	SVG Scalable Vector Graphics image	F2F802734401613A72319DD265018AF9	840C0597BDE3C2574578C7B723D61C968323F3CE	982CB5FC11E8F338C801D5CF9548523D4725BC9630BE2FE7C3B922C93224D138
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-5.svg	SVG Scalable Vector Graphics image	DEAB9F53B1D8D05F20756EDA2C0E2329	30BB5CB547A89005A514C041BD948D80FC5FC9FA	76320777A19852C5B95DD278FF14B947F289D7E254949F09FC5F099B8FE66854
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-6.svg	SVG Scalable Vector Graphics image	DFE6C094FD098BD40C0F4347170789CC	71117EE2C38A0294BD329C665FDA8F36A4738ADF	AEC3539C1B88E8E63A7F618B4F02941C5D791306F6F56E0E9E11745ABAD0F8EB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-7.svg	SVG Scalable Vector Graphics image	B9C259685A70479D6CCEED4F8940ABC4	FC3CDF8F1EA4DEA2874C0E0EED6F28CEBB42C8B5	B3F0B2AD39F5B81FCCCED03C49828A505D577242757D02F42E0066450412E6FD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-8.svg	SVG Scalable Vector Graphics image	79731E61C7AB2882046C25B33B0C242A	D2D2FA959AFF0F87CBC2675418BD676BDF74E611	9D5C5A1172E53A57F1BAA13E31BDECD6E200460AF24E6563395D56D521A2DD89
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\line\line-9.svg	SVG Scalable Vector Graphics image	1A7CB903332C89FDAAB22C946B56CDCC	4CA8C2F0B736274800418A8C224894908849F8CD	A8C23E1ADDDC52486197219A584B0C53476BD6552ADCE2FAF9C7F77EA02224BC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-1.svg	SVG Scalable Vector Graphics image	DA689011C25FC10A7DA1C8404CAAE7A5	D52C6A3885E5B8DA37DD4F7BB2D83F7876F9E260	0B9693E72600ABAB0CA4F76585511D1B806E7EF7DA484DF6D1A1FC3DE1D4AEA5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-2.svg	SVG Scalable Vector Graphics image	BC6C76914FD2A136DD7C89D86DFEB333	2950BF747198103A021588FB698EB1D3144EDF33	8715A51508C5FB64E527181A7B28EB0D1A81FA2C9CDBF718F8F0B7293B79F63A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-3.svg	SVG Scalable Vector Graphics image	9756EE7E8479D618DC2D32F5DC37DEBC	B141F5001445E9B975A784A110B12E9FB99C3D3E	45AABFEB3715DFC291D3957348380F83A3D215A6EA72786EC0B6166A3435A8FF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-4.svg	SVG Scalable Vector Graphics image	5A124AEE15A6BA690076BFCBCD0D8385	CE4AFF0C925DA7AE07146C1DF81DF79AB92BBEAE	90E7723D3F19FD3B7F63082DA742727B1CB16F6EC8D71695F9A6A14B758303EA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-5.svg	SVG Scalable Vector Graphics image	1BCE59CB5CA9C0EECA556FDA09261E56	EA5663F49FBE2F675ADF2B3FA1477C6B15ABEE18	9AB0B9297D21ED33399FBCE60E64D9272DBBC8B7599A263ECD56E0F24CA57353
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-6.svg	SVG Scalable Vector Graphics image	CE16CC1B86BF52B1D11B2B6312A93BB4	5869FE8EC4D1A224E55A980EF1EA19CB601F7CF4	EAB656F8D9211DDDA6FCB2D6DBEBFDBF6849A30612B760F48077BECE3D2965E2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-7.svg	SVG Scalable Vector Graphics image	F5F3B369A5533B186BAEF877A983DA21	E122C8D279B34BFC150349B6EBBCF71E5EB9A5AC	6509532144911EE559E6A428AB18D6097F394CE3410A4731BF30397389565E8D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-8.svg	SVG Scalable Vector Graphics image	A9B401C73DAFA302E884548677D2239D	B7EEFE9A2C1B3A2DF00A8A20CB06F5BE4F3C7E24	757F98200A30DA8B08E7E0B1E5E5252610B7E2C5BFB3503CBF75C8477F7B74EC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\rectangle\rect-9.svg	SVG Scalable Vector Graphics image	A75FBEF5D5A5212143C07FAC126105B7	4E808DD683816BF002883DB3B8BDE7BF75F43895	CCA05496D6825859954D5A71786D8028EF5A3325690B847D5BC66DA4EC5241F0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-1.svg	SVG Scalable Vector Graphics image	EAC73B41BEF662B4E01778B7EE55C40F	3E8C8ABB24F01F377306E86FEA1ECDEE7B3A5BA6	A2EA3CD17F504940FC3EA1E94EFAB457E99B4B11C56189534F6E9A1D728F4C9B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-10.svg	SVG Scalable Vector Graphics image	EFE6C975B44069C594C5537692CFF2EB	D49CE8EFCEED2DCFC6DF4F478414596D9FDC1E8E	C321716DB86110BEC21F967ECDE7A89A58F5C9C64ACA4AB9BC9E584C8016A1E9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-11.svg	SVG Scalable Vector Graphics image	4940604B169DC68F9D5D422716E3EBF1	4F0AF28F3C4335F564E44B391E604D0D6B4539DF	1B04F83C15C67963008679C5110AF6E7B5C3CD54E8C2099166F1FCE84F986BAE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-12.svg	SVG Scalable Vector Graphics image	D59C816626A60452FBB893798D8E6453	7B2FD280AE16FD6B20C8EE6BBB78DC98CF10FC13	A31DE6D2856E928DE58579D0D6A0B49A49655BB16CA00AC75A1DAD482CBF31A6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-13.svg	SVG Scalable Vector Graphics image	08452280FE23B76E41CDB3934351F20D	690573FF0C6ECFB2C7E2E74434C4167992A126AB	487230B2FA3F6F003189A865DE22AF593435ADD889C698C65912529E00B76B6A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-14.svg	SVG Scalable Vector Graphics image	59CEC0637292351EA3F6591DA4175732	C072A21BC1B571193B35F4D7A4031360AD9776B9	15E6DF8ECF0BF7E70273AA7AD5AF34994B60B28F63834B414CFDD129987B68B1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-15.svg	SVG Scalable Vector Graphics image	2AFA71B5B4EC441921C050B0E4C5C505	1127FA4F58AF8AAFFA0BBAA4D8EA41300AFA5CED	77A6E6259D2DFE02E4E1093C16597C72EB29E68ECBB008DABE32E6E5538E7FB0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-16.svg	SVG Scalable Vector Graphics image	119B0A54616CB3FB6F9A866EA6E368F3	24CCAE2B8B7299B7E854588F7BA3B396011E0B7A	0C00412FBA6BCD2ECE6ADCBEEDF548A962EFFFBEF166A4168C6F7DA2035F0347
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-17.svg	SVG Scalable Vector Graphics image	D1DEDCD723A0A7EB12FAD42DC3F562AA	127920FB76CCB80FBFFE28556B88DCC7B9F247B2	9DEAE1F503ECB8F32D172B0BAED65033B5070828E1FA4BE453948353560E0415
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-18.svg	SVG Scalable Vector Graphics image	E5D3E9CC46C81C84DAD25A8AAF0E4225	FD31F06AC52D6EA20389029008808AC5C0402EEB	9FAE6992EB40AF38AF6DE1A37845890054527DE9E6A82B2C2E8B870FD38AE6F9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-19.svg	SVG Scalable Vector Graphics image	2EB88EB5F6000763F12452AF33CCC0B6	56B7CA5FD9872AB2DD211C440D2247D6FB5B3307	1935FB2D62BF3DA572BC46CA799B3752FDFB1B8ADAA131F8995EDAF87081FC41
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-2.svg	SVG Scalable Vector Graphics image	A57E46D2F0431B5533EB52B12FBA4EE2	674DD0F2145F0F127FAC68F1C4E04C3BBEC163D8	623DE42AB22D22E6C9044887BB73C51BE8AEC6016A735F6508F72AF15162E25A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-20.svg	SVG Scalable Vector Graphics image	84D885CD955D8AE077E182B7AF4CD8DA	314522699F23D45CDCBFB4AC7322F9BED418EFD1	8E5484197CC08D68E01E57B6D1D03C37C3101D7D1E9AC5775C6E63155C207F40
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-3.svg	SVG Scalable Vector Graphics image	A0DD20852674D902D999314B934A0672	7372F49996A562347E8060636E3234AFAFD2BC02	1D31D5B816E58383CCB533EF8C0DF3DC417437A3668CB30C6D201A913EFA85D5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-4.svg	SVG Scalable Vector Graphics image	76D6906960AEA7550EB5462EB5BAFAB2	13241C43D46831ACCEB86A6E227B2DBBC7751332	CC4B9B4F2C039BAB06FCDD179670DC57D1050ACD534EFDEF36CA13D165DE143E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-5.svg	SVG Scalable Vector Graphics image	21CBF789C24A20653069F35342F7B5D3	6AB3116F6EE898FD0169B1D6F265DC76613488C2	BE62B7ED46DCF67AF78A8E061083F9D6728A9B527444FF87303B74021B6C8747
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-6.svg	SVG Scalable Vector Graphics image	FBA83FD3DF33D1B2113D39F6EAC04878	3C7956CE6F633DDB137E28E39DD3049DF90DBC5D	5B3D6B4344825D054EBC9FEC80CADBB8C399F435A4E5E50F8E6EE158D35A4A24
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-7.svg	SVG Scalable Vector Graphics image	C8587D360120BF723438BF4B34D0B84B	70B6445D43224CF0CCD95345831CE4F8F744547C	2B3478C09AFF01DEF02A7F69EA5D530A990D5496B00C49B0BB62DBD1619D56E8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-8.svg	SVG Scalable Vector Graphics image	A85E47F0C93D7C057522693B09171916	C10DDB1803F2D69CD359253946F7EB45F9572A93	5824325EC0FEAF032A8DE3B3137B0657EEBC9B936034CC938BB2E6A14891CD43
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\autoshape\tempRes\starAndflag\sf-9.svg	SVG Scalable Vector Graphics image	C4D29E3AD209D4A7ABF91394CF2014F5	1ECC242C1D8EE315159FC2B45E852721830972CA	615BE5CD486184D0E4A6A4DF3BBB071777CD75FF9B928C2FCBBC70F1066B3F8B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\big blue shading round.gif	GIF image data, version 89a, 40 x 40	E9354094D580F9ACE011DAD8A150FEE8	2EDB63181F75E3E4A1BA5EF25DC2102B879C7B94	916F13CD6DCFEA686BDC89C9F2912CA8D30B839F885212FEA82FD0F51AB80B3D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\big blue shading square.gif	GIF image data, version 89a, 40 x 40	F7E2CC69E2A945DBFF37EAEC9F6005BF	18B51369C628650E2541747FA0F1ECF5C6A3873D	A0EEBFA7F30E9147D07AA96B45515BB71710419551F7E624ADD40129ACAAAA1E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\big green solid circle.gif	GIF image data, version 89a, 40 x 40	50B119B26398D7DEB08975CF38070F5E	E902EC5519E3A08DA331849685A7CEAF919AE4E9	F1C4A76C4F5001A5323BE30B79C423B7F83F8AD2E96840B5305CD2D7DC87F37B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\big green solid square.gif	GIF image data, version 89a, 40 x 40	105FB75F3D3B468153C6463505CB069A	B9FDC5402FC3278B85896EBC8044DD68A9D80D6C	AD11B96A88821097400A3B35F5FB853429D3691661FEFE20A0A9CDE5C1C3A28B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\big green square.gif	GIF image data, version 89a, 40 x 40	8F74747A1370E4623BEF65A06F6585CC	BFF7E0C54725452E5CF4B8EDE4C5CD6309528991	DD4DB517B0BA944AD86A0F99AD6F0FAC0CF6B5D776600056FE800490012451B8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\big red shading circles.gif	GIF image data, version 89a, 40 x 40	5CD9BDFB8215A187566D7445E11E0A1E	C73ADC31E3E9AEB5F92F06454F0CDA04ECEC5017	5029D6A9ED9245FE94AE7E50766525BBAD811CED0DA619AE8F1778E2280D5B02
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\big yellow solid square.gif	GIF image data, version 89a, 40 x 40	F6690B011721188746E18D132C003B97	9D51B75BEE712DEFC525DCE969D328B0D008EBE6	63A9A57B35166B252DD5FF9305624C526729B9E723E76695E46518CEADFECE12
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\black and white texure square.gif	GIF image data, version 89a, 40 x 40	8D023C70D46690C5EE72E749875BD38E	B697D628ABF4F9DFCE8BC414EB96F06B47358935	00507013AB91D9EDDB6927E5A7228A2316507AA592986EB2512F8329C96C71E0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\black echinus.gif	GIF image data, version 89a, 40 x 40	342FFAE9402D70DDBC048767C15C7831	2F99B1D5790FE78C798939A23B4C91E89700E565	70CE12F7E8FFC85852127A6B963A6E1462003B6EC14B86C3A2BC0A7CF76B8BDC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\black gapped pie.gif	GIF image data, version 89a, 40 x 40	92593076C258461E80181736735E3D1F	632B20F8DDB7BB3D64DC85DE9A6F121AEEDCC897	43AA3032272CAB0E844B33C1541CC894A8C389C8D8CAEA7DB6857091D3286BB9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blob.gif	GIF image data, version 89a, 40 x 40	465C9E6626ECD2D1D580490ED7EDCF86	C47E2DAD65372E7CFDF5FF3F8412C78B9B77566A	432A0EED2980F6590ADBCDD846826A72934FA3029BC5D85A47F26549ED08D0AA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue annulus with square hole.gif	GIF image data, version 89a, 40 x 40	B0A14E9283F462CE59E2FAC3E56E8E1B	BAB26A5EF542079F267DD248EB8EF545E13B8920	22D4437FC33AAB195EB122ED8EDE56BDD83624D7140C0F6A5971FF78CF4049F5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue arrow.gif	GIF image data, version 89a, 40 x 40	8313DAF7948EA53D01C6BE3646004B51	A08F255533C4CD2F2751E9BBDE26F21E153CF28C	0817CA3F6921FCB1D8F3E5BABD4107A750A8F49C5170F48DC1517AB79E4CA263
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue diamond.gif	GIF image data, version 89a, 40 x 40	AA5D4D71DA44A0DFE87B4B439043D74B	5E5BD5BFFA5C729BD07A17D4C2365F7C418F5EF7	283E528CD1C250ED9F3C085064A410D34A9FF68F715A5E978F739171C1B0E1A2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue donut.gif	GIF image data, version 89a, 40 x 40	581199AE3509440E8BC62704F320A507	3442978789239C4905E058C67D7EBB89F594AC52	5179D79B6F9E900F0A80A452140AB82762C9399F422864D81B5D53D3FECEB85D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue flower.gif	GIF image data, version 89a, 40 x 40	305B63106A184E4CACAC923EDBD907C2	4A3EB6268FCE76C7746DB7D6A97EC318207FBA4B	3300F6E6FE0A01D57BF8BF3F4030BE5D08E64F47B9FB4496B27853D889D7A661
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue horizontal-striped round.gif	GIF image data, version 89a, 40 x 40	21C9BF8AE6E8DB1FB02DD9C13026C4ED	0742CF480141571AFF6CFAC7A6DCD02A67575C4F	12963BA4D7DEC7051C816B27E843ECBF16126FE197883823234203F6B79500EF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue horizontal-striped square.gif	GIF image data, version 89a, 40 x 40	0D620CB34E7D83BE0C19E848502B5633	E0FBDEAA07A592FC13E1A015BF7430B48722DD36	CFDC59055C5694A41B9B99BF959B33D4E70372EC7E21F75685B1D48CA91F67D5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue solid donut.gif	GIF image data, version 89a, 40 x 40	3E58DC48C8391CAC609276F733A32B5B	DD26BF113DCF918EE0F0D796791D53C293E07AA4	7AEE09B2D7D807A0D84440FDF266DAB84FDA68933647694B9B923B9337D1F71A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\blue square.gif	GIF image data, version 89a, 40 x 40	F7B3EEC401E4099CDD4090E9FF52A328	BB2A0D8D0D48DD8EC2FB109E8B850DB142184242	3C5A3C89EF61F17C84A3AFD8951B26E54243B560001DEF0A45CF5C0034AA9F59
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\brown square.gif	GIF image data, version 89a, 40 x 40	92F48D6119A74CB715353D224375F4F9	83FF196E815183F86512A8FC3D8E4CC9377B2F56	32798A79DD9295681E00BCF4B877DC5541A14F9EAD38F45EC405AD3A02E4F222
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\check with check box.gif	GIF image data, version 89a, 40 x 40	830E5B4512A1E251F0862AFABA6657AC	DF585C7A31E0E00A03C73565D2D205B473AFE661	82A21ED849F5349AD387034AA22A63869271E6158480D75344B4C0CF4C3DA84B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\circle with shade inside.gif	GIF image data, version 89a, 40 x 40	3DB5E4B51185F354AEC19797CC39623F	F7ADD223C622EFB74D539878954288D48273FDD8	FA66B7362C6B65C8FFA051F141EE88DB4AD8CD9F1F674A5A70FAA50EC63CF58D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\cross-focused round.gif	GIF image data, version 89a, 40 x 40	24D2CF3FA09436022D4AA687E778C37B	749CCE22393E1B7BD739FAF9EDD7A6612D80D603	6BCEB1F6C3225A0D52D55B84479DD25FE2625962D8E0E806DBB39B622147E830
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\diamond cross.gif	GIF image data, version 89a, 40 x 40	E1AC34B2DCA9312BFC915E5724E25C7A	72783821B401810FD9F908C5E71DC74536FE4259	BF21329B8943FC5428C2867FC3466B876CE7A1902F17693D2194CF8EBDFCCCB3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\double blue square.gif	GIF image data, version 89a, 40 x 40	86C4EFE7C18ACA8A7B888BC78CD9C8DE	6A2FD6D58212A0E49DD2C2F1373AB2101A091271	F3BD3DCD247DB79D4A04BA20556BDA563177DB24B3304757AFFFDA0FA1B74A94
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\double orange square.gif	GIF image data, version 89a, 40 x 40	4A603E3A72DB3D6BA24BD921080FE0A1	EA237801A905E071373FF9F39E788CF9E9DB99A9	9DDD6FB0496673D0940ABFD019D04A6D85EBE018B7BFC03B58B7A31EF10DDEC8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\grass green texture diamond.gif	GIF image data, version 89a, 40 x 40	B4BC23E4251851AAF0AEF4C922550136	D8C7A69E349D79CA68CE96AF75515472B26F25A6	427A79427896E26FD0DCAB2894A3C13F461A7068A87AFFA03C488717EE8A358F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\grass green texture square.gif	GIF image data, version 89a, 40 x 40	55CF55DBD15E0654855A923942D83D5B	A9808C8967E4F0BD2000B80035388A2D547780AC	74F251D269C84EB059349365AA5392BBF13A3299D903F221F2DCA5AAB79F31D8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\gray diagonal ball.gif	GIF image data, version 89a, 40 x 40	EC9A5DCE3D3FD91F741883EFEFCD77ED	615374E7CFB99CDBC3EE15287C9954FFC4452475	D6FA7689E21826AABBF3EDB0E4F415661AF703302C6F103410E8CE25DFF1BD73
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\gray solid round.gif	GIF image data, version 89a, 40 x 40	1FC34B619E38B92B4BD25B8DE9D582C9	FB8A63DAD5C0B5D2A8F5B0EBF156A2EB93F708D9	F17CF765ADAFEEA542F1F4C68C6176B461DEB508A7D31E7D2100259CA494FFF0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\green annulus with square hole.gif	GIF image data, version 89a, 40 x 40	EBB1AE93CE729FBC5B9F9414F6BA69B7	B3086DD46AA573C7128FBBCBF917CC34D63B13BE	5C421B620AD7AF3EBF4FD265F7F43AE6F8278ACFD03A1B38E5F6DCEAF0B8F695
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\green diamond texture.gif	GIF image data, version 89a, 40 x 40	FABA52AAA5464989EBD3CC5E5B65A5DF	9C306EC84F017C82D139FA7417785EA6BFCFC95D	64B01179521EBEC92E0E57E5DC84932A2C7D2FA325304461231FF861455C29A7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\green solid round.gif	GIF image data, version 89a, 40 x 40	AF57F8894453CD4EBA64EFE86AA9A958	F8B1A19A98E3FDA941368F927311059D5C9EF18A	D566F910FA9F8B262E6782A37C4D90A54994A72B4C55953642EAC781C590BAE2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\orange diagonal ball.gif	GIF image data, version 89a, 40 x 40	E1ACE108E6D36C14849FB94A5C2E202C	738F9412B89D1C648D54499AC9DBCEF348D45D04	F6EB6CC5DF994ABAE65C6464F7F02DB6470AF5EB37F00F1174DAE10CE0C5A2C2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\orange diamond.gif	GIF image data, version 89a, 40 x 40	896E3420565833E02D9FD58D0201E1F0	B42E66E913C3AA3EFBB94DC125C7914698436D0D	92FF05E0D883FBAD2C34C115E32202600CCB3365C8E1AA41BD145F1290F011B5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\orange snowflake.gif	GIF image data, version 89a, 40 x 40	235B60BD76DCD9A1EC97BC9EDFDC7CD7	7E82A6A718AA49B7C51CEF5700E58391462E22BC	1A165BD838012BA2FA6EB61830594B2DDC21FF764F3620B3A010B0A47B532A10
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\orange special texture square.gif	GIF image data, version 89a, 40 x 40	4BD2AF423C18396A0FE39EABF8A3083A	F08F558E171D704A86A3D2076928B0793FC8A04C	F8DA12494DE0A5F227464A272636548CA2A531A3AE3CC7CBF95C417C70819375
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\pink shading square.gif	GIF image data, version 89a, 40 x 40	8CC765666BEFEF88EB4C266BC58B1E66	50881622A7766566B3991FCABC1D51482F679416	72AD9F45C2BBBD58CC6B486AFF80ACEA935F34313FA147D6CDE4C4E47C2E4084
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\purple snowflake.gif	GIF image data, version 89a, 40 x 40	BC6589AD22EE185C8891EE5E2F611018	52823C9DBE7ECA8719A71F7CEEFF744EECA40DB2	629D784D237A5EA2C89889FFA4A9B84609E4C073776F10BCCA843712D5F14A42
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\red arrow.gif	GIF image data, version 89a, 40 x 40	8E1352A6142D08492DC3EDC1D088B937	9B68F295A9FF6F8AB15A9D826BC513BC73E011DD	79D4D8E4675FE4E8A27046E78A2D83858C060E8C70A36688D74AB29B7F7B2205
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\red echinus.gif	GIF image data, version 89a, 40 x 40	F45CDB1C415F2D5A36D2035321798BB3	591CD0B4B52D38BD911CF66EAE1AD7073B5E573A	84F69E37FEC0F8DB1B1CEA7BDEB5CF2DB002CB037D3B1FFB3B974FDBD3A80263
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\red flower.gif	GIF image data, version 89a, 40 x 40	5110E624C660096E958AB91C2482B203	479E6D8C555A8596F91F4E8B66912351A956D639	9C1C32B9454E7ACC66FA302FA51B8F421A706324EBBE3E73465189AF42D9A87B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\red round.gif	GIF image data, version 89a, 40 x 40	148F573CA856F6DDA99C59251AA9D781	11D7F2E6CBC3740CDC4369E2D075B67B59AD0B26	15F350B5CC512D0DB8A1839104FBA471342A127403CE17F72F4C1FE4FD40C08F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\red sunken round.gif	GIF image data, version 89a, 40 x 40	2C39B6EB344522E609ED8249AAE3F6C3	3DC6F81305141900ED6814E1E263B36CAC4153B5	46C8EE3592B3C43E734E362839B21FA8BC12DD0C1E518EBC59058E6ECA301742
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small blue circles.gif	GIF image data, version 89a, 40 x 40	8B09DBF0E24A6210E3BA8876354766B0	1A396C151E7A489CAD26C8CD903CD01CBA4A5ADC	D846EF9796D089D7666A5AE064D84727FC9C7794D8CE7D2A4E4F50323588AEDC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small blue shading round.gif	GIF image data, version 89a, 40 x 40	B07D225C5EF961A5D2556CDF2605F04E	33ED2D56F29C26ACACE81FD1F985E9B35571D0AE	159AB7B416FB7C7F55A725FA29073309986F38D2FE9D4DF5285A21A8A05EA1D0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small blue shading square.gif	GIF image data, version 89a, 40 x 40	47BDFB221F4D0A07646838A50CD23A82	05EB1315A244BD778F548F945C157F036287EFCE	DCC7DCD558757BC9163892D50A79C37421BC82645CEB7D14143E299C6D3FA154
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small blue solid square.gif	GIF image data, version 89a, 40 x 40	CE36E37A281E798B762C49E675385758	E9531C5742455B51FD861975559B494D9F109E97	C3EFDCFED7FD90F34E84D42592DC707AB9C6BD4A8E5DFF4153C1A2B970A77B75
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small gray donut.gif	GIF image data, version 89a, 40 x 40	C8AB24B964B77136877EDDF5C2671153	A4C7BC81983B45403ADB0A17FDB39641CF478161	093FFE8F1CAC986EC33EB443C366940DDD987AC908030A71EF4B467CD98D7C69
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small orange circles.gif	GIF image data, version 89a, 40 x 40	2BB372E3D5EF9F67B886485E5F87E96C	EA5C66F63611607CEF50D194C660B1600C0FB335	2C35CD1DF48E471FF35CBE0F55DB6A02EF96BC644290938EDD3511E1C6090DC7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small purple solid round.gif	GIF image data, version 89a, 40 x 40	885F202E01025603E39B6DF7FA5C8D52	1822866FCCA42A24D08190704BF158EF346FA2AA	24276CD4C9B97BE5EB86C821009A0D4D3DE3A78CDD65CC66D8D9782F63A4EDED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\small yellow square.gif	GIF image data, version 89a, 40 x 40	2BAB59CF8BCBA190E9EAAD1E2E399E65	9F23CDBBBC2E29A60DA9DCDB61BC17B93B4552AA	6C308A28C47DA8E395B6FF5A804404F2F9260B15F94E4E1843260BAE652D8C1C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\square with blue hollow circles.gif	GIF image data, version 89a, 40 x 40	C636ED9181D2F32289E6EA1DA6D52EAE	6C79D08F69408AC2504B448E63F7A012CA13C46A	F6C13B798A80334746DDDCC0F3FCDA4B19BA5D586ECEC6AB2E9D3D73CDE6BB31
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\yellow check.gif	GIF image data, version 89a, 40 x 40	99DF6297642260D8947DA3F21303C0EC	9EDD5D63FBBC8928887B5A523668A63CC64A982C	9BA24D0E27D4E9FF15BDF88F963874D731982691F7A908BF19D8BDCA36018AC4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\yellow donut.gif	GIF image data, version 89a, 40 x 40	B844B0FB008172278DF6CF1F105DBE73	EBE86AA34B9EFDE846E8D7984F866AB4874C1B1F	23A0ACA8DB64F56EBB3465FB1AEE3BDAC8524318F1AAF71CF7D977D213FB167F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\yellow hollow texture triangle.gif	GIF image data, version 89a, 40 x 40	F81CABE3A8F7D49980454E7A45A7CCE5	63048AA0830D4FF2B3ACAEFD751D434A218210E7	42B958A35DD9B7E2FDBAE6D881477ECC87A82872BB41B7A72CA62A2FBB81F1ED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\yellow solid arrow.gif	GIF image data, version 89a, 40 x 40	81DA6153BF5CF2566266BAE0E1AA88A1	BDC64D786BFF0C53076304C16C9AFB75027D1B65	FACC02B840B7EB98C9DF883DBBFED7B9DF840179DF640F327415C8B5BB295C96
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\yellow solid donut.gif	GIF image data, version 89a, 40 x 40	8D17CE80300EBA9C353A15CC462B8400	DE6ED952D05AD4A7995FB291CA4D366B206C091F	89FF9B8FF32A5F7688EEB31885116B6405ED9416686481A62536E489C373A998
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\bullets\yellow sunken round.gif	GIF image data, version 89a, 40 x 40	F7A74A4E97D8A58A8DD9F3561588A0A3	E94781458A1F9A47435A30CCF4C6CC298CCCAA35	7F19A40F56280A01EE4355F077ED9FA8B967F377BC6B6B1489C3DED2D0C77EED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\cloudref\audiopreview.mp3	Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo	39407A8A27B7B95390EB865D32A7AAAB	9DCD075A29175A73EF9540C05F2C41277882CBE9	EE1CAB34DAFE59AA573BAE61F457D7AAC6CE8EBA706CAAEE0D2360761F7C7AB7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\cloudref\videopreview.mp4	ISO Media, MP4 v2 [ISO 14496-14]	5957408F29403485282CEEA68C3820E6	C88805BD255FBF19D88388471D75D97DB684082C	6707AAFA3FDF1039784EC2E90BDD80F88B765B9DF72ED5DD32F8E51921A84280
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\filedialog\css\app.css	ASCII text, with very long lines (35781), with no line terminators	EFDB1ADF64108A1EFC9A08132F5FDAE2	A996621CF619BCD514CEA23A2B8E0C9F01E22447	51D6FB044785AD8D2A3AF0F337BB43BA15181676D3C815CE339B4ACBD44F8253
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\filedialog\img\loading.gif	GIF image data, version 89a, 80 x 88	81BCAC718D614542228E83820BE814B6	08374E0C8083099103C89DA62276890347D61BAD	8D4C24551928704B8A1B68981FC8F71DBCC72DA95C4303F9A9B579624BEA6EA6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\filedialog\img\search.svg	SVG Scalable Vector Graphics image	C90B950029BA7A83748774F59D1F171C	C0542C0A32D2AB5D531EC2B486E3EA223E392ECF	288D7DD9E4183B7747C488695A0611C17E336A1ECF734C003DEC8E896FCB9BD0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\newuserguide\static\css\app.css	ASCII text, with very long lines (27399), with no line terminators	1C09B4E483AF5CFE7BF6C4EFA49E8F2F	512E0B53F4EA16BE183DF7F61CA1A798BC3F25A7	2AB30676BF3D2AC3B14BC3DCF8183D3D2EAA38039B4A7AC87D3F4E1E8D6B1EBC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\newuserguide\static\img\drive.gif	GIF image data, version 89a, 800 x 364	6E450156A80AAA3AD278EA56853E4B6C	2A9C6FB869791BA78A9862862390C0DB9BF14397	2A9D227FB09D4557352DE2AA8839EFCDBDD18469557750804E2E8727010CA95F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\newuserguide\static\img\merge.gif	GIF image data, version 89a, 800 x 364	FE500D209CBB107CA04DFD8F491CD8A3	A0783BCF59C1916B74E177A9D670BEB249EDC28B	15664431E3C0CED34E4E62A19FB7E2650F12AE556A2218096303D4700705A9DA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\newuserguide\static\img\multi.gif	GIF image data, version 89a, 800 x 364	BB7EB03BF4FF69002D64456EDCE11605	6766F056A7E3BD5FA7E9B614103C99D4426704BB	D13A5B8FB1DF186A0B1C6D4D437EA10029F304B9168A579673EDED5DA783E3B0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\newuserguide\static\img\pdf.gif	GIF image data, version 89a, 800 x 364	BE8CEAD050106E98DC14C1ABD012728C	43C637FA45073386C5A5357EA5D24A046DA032FB	1841A94D6EEAE45C3D320B0789C0D2002CA1E41AEC554D380D74A027F5021880
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\newuserguide\static\img\skin.gif	GIF image data, version 89a, 800 x 400	A10B0A97F40EDE0FDFB233ACB6947D1C	CDC7D493EE8499225CC2D672AE8CE8402AC3854C	263FCEDDB1DFDFD2961C6F26B430108B2A504F195DC39C446FBB6D4EDD242018
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\dialog\newuserguide\static\img\welcome.gif	GIF image data, version 89a, 460 x 276	EF55EF6AE50389983216567C5BF51CE4	3D7A30A7AA3CCE549AC4BF2A15F5CEBDD8EED8D8	9BACF73B9D848A14792DED4D429248A13AD0C7D3F67FDF80C3A25C98C05FFE03
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\documents\WPS Docs Quick Start Guide.docx	Microsoft Word 2007+	76889FEB35682AE87FA8C7D348C73D45	D0BE5BEF285EB4766C63113DDD9137FC9A10355D	8E9054B01459A422B4BA0AC2436CB0C878CF584DAB83E911F128A6231389ACE1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\documents\WPS PDF Quick Start Guide.pdf	PDF document, version 1.7, 9 pages (zip deflate encoded)	C9D26278011584282CE019AC3B2D8F90	E6CE56F950CA002AC83D5106CF65AB0C2A1DD547	D505E9C1D7C656DD5154744DD49F2CA0961A339B918B6CD9DC0BA2D4C3ABAF5D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\filedialog\loadingall.gif	GIF image data, version 89a, 72 x 60	CDE1FEDD0669DF6AEB2E684DC7E0C445	AB8942B79A29BCC4633E8CF89350AD877E94F3AE	8ACB0D2C0AC36025B28764C86B8577742E176B3569D2AD00E57A412D045941E4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\filedialog\loadingfail.gif	GIF image data, version 89a, 72 x 60	88B47AD9383BD215DB14B12DA2F046B2	412BC62314F785BADCDA8A83FDAE9E6CC36BEDC7	9DD2B858E1BA27A95D39E98CAA788D28225CE8FC9424FB2679741B2816C71DB3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\ksee\Equation Editor.chm	MS Windows HtmlHelp Data	4C02167B771C24103EE81022DF43CCB9	A3171F9A9E832CE3BCAD1246DC6A0C199691886F	2C62F014718706B0546E07FB71D6DD8A22E1D022D93633628B155C3F698CE4DE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\ksee\Fonts\TrueType\mtextra.ttf	TrueType Font data, 16 tables, 1st "LTSH", 26 names, Macintosh, Copyright (c) Design Science, Inc, 1999-2001.MT ExtraRegularDesign Science: MT Extra: 4.3Version	FE5C714162BF1B9C936B2BC5E66DA03E	15A623D87DCAF61476A6B7B89DFBD30EEF712FC6	E117624AACDF36DADBFDFAA6CE0B67E697C8D0FAD927C554042404027F25415E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\ksee\ee3.dsc	data	49857F0C2EB29C389385B101934086FB	1898EAF7379F8EECD33E61495E4A5BB19853DE63	43AAA62B9A750996D59423349F37F5FA35E4F9C2A68D1D4B001B4195A00296FC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\watermark\images\user_defined\addwatermark_buildin_wps.png	PNG image data, 102 x 134, 8-bit/color RGBA, non-interlaced	378508D5FC93E80E95FED180E8F3E606	E603B868A6E3E1B64C67D0DA465B49B9FAA1B8BD	0D1E83E04BE4CD1815BE7E1A1C315E35150627150DDFA0CDFEBD07EFF544CBF0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\watermark\information\preinstall\ORIGINAL.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Wed Aug 15 12:10:12 2012, Last Saved Time/Date: Wed Aug 15 12:10:12 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	A58A0F8A7CB565F20A9A5428A62BB197	7A3009E15DCB947CE298574561B4AE542F2D4A69	877B80AEEC3CAEDD83CAF15533A59C559A960A42ABAF2F706D0A869832DED3F2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\watermark\information\preinstall\SAMPLE.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Wed Aug 15 12:09:38 2012, Last Saved Time/Date: Wed Aug 15 12:09:38 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	6CF1B437A9BF4B761C87114CB48DC5BE	68D9D9F23C5880D3825635B1E6366D904821E462	70A45A138073CF7024FC228B8A8A9C7544743998E106E4A36D5B698F099DDEA5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\watermark\information\preinstall\TOP SECRET.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Wed Aug 15 12:09:16 2012, Last Saved Time/Date: Wed Aug 15 12:09:16 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	9336843C40EA2D1814BF35160A26FC9B	412856CE4BBB6034FB48AD184FE90C6260EDB142	066039EC93FBA2F33F600E2E22D9CB16FC72215EB68B3A3C35D5DE05F933572B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\resource\watermark\information\preinstall\URGENT.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Wed Aug 15 12:08:19 2012, Last Saved Time/Date: Wed Aug 15 12:08:19 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	74116E358D2D0F99799BC122B6EC6A5B	2961FB2FF963C68165082296168907DC07A68DB0	C6E51381C2FBB3B990CF916C6A069F8092B10A3897B70AC5B8A949996829299B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\Normal.dotm	Zip archive data, at least v2.0 to extract, compression method=store	C1860928236FDBD6F59B880939CCA19A	D1FC23A5AA283B58F9EC9EDDCD98364CBE0C22B4	4FF49D830596F9D1FDF35F3B2CD1512159D1C3F4FE480D2A91D8631519366398
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\builtin.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	FAC913DFD193143767A67049FE74A65E	56DB8B97CCEB1B027963AB66B685D25C9A98BD11	A63F2C5CB63198A47009D0780046D0BC4E357DBAF2912789D53D5D5830ABBF05
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\default.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: kings, Create Time/Date: Fri Nov 15 06:11:31 2013, Last Saved Time/Date: Fri Nov 15 06:11:56 2013, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	F10A90C71DCC798E2ADA4585FC0C55B5	C4CCDD434B996FB54A099C180BD70E4C4DE3EE0B	845DF3733F11338185FBD68DF419C4C9180172073BC14055E5EF698DAE5A6128
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\mergefield.csv	CSV text	77F82AADD69B9D14ED7961840DDC3C8F	5E4FB0B83D2BBE278464C586EAB2D36D098AAED1	C31D600C0E7C052E75F21444AB2088A64F397EFB38441FF2A84CD4CFE61A77A6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\newchart.et	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Last Saved By: Windows User, Name of Creating Application: WPS Office, Create Time/Date: Wed Aug 26 09:13:28 2015, Last Saved Time/Date: Wed Aug 26 09:13:47 2015, Security: 0	F62C45472647C1664B5F147C393538E5	CEC9603FADEE28BF6920FFE4B43E4C845CB9B0FB	CC24D79D73397B05AE37EB18EC56409C0AC071EF026E677166C79A9D88665CF5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\newfile.dps	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Name of Creating Application: WPS Of	75EB456EB256ADC1C81B1DF2BC2E34CE	9FFC7F3BECAC1EAC9692A5A92CE35B00EF796882	D2C28C9CEB7E5D045B2EA7258E26A80AEDE13535F6D971B1E031952963514DD3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\newfile.et	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 1033, Name of Creating Application: WPS Of	B20CB3E95FC78B2EA166D8FAB29FE047	EFFA13C6FAF7D18AA7BE0C44521E15FBB8045692	5F34A68AB8061BE391836530BE7A9B13436B404ACD90AA3D8320AA7CCA4E3AC6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\newfile.wps	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	24C0BC609BCF6464E79C6234D22821CF	FF20C5FCB10953A37D4F85818E6C082572EA954B	CFB12A001D6CE93482D079AE480EFC515690F98937D7C3BF0E1DB22325853E89
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\pdf_printtemplate_thumbnail\0.png	PNG image data, 106 x 150, 8-bit/color RGB, non-interlaced	FCEC8EA41B060B0AF99E9631898F016C	D36B73EB8C117252A3900D4307C2F9ABC7D9911A	1F2E203D39197A9F7605CAA378347E4A9BD3F2BAC4086DF91F728FFED53CC8E8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\pdf_printtemplate_thumbnail\1.png	PNG image data, 106 x 150, 8-bit/color RGB, non-interlaced	0781F52557528225B25E64EA9A096826	43098BC758416F60953EE0AE87054246BD0860FE	4661D75ED45A899BE11FE0E49E3A105A45C9E8273F0B7C9864504689608FCB84
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\pdf_printtemplate_thumbnail\2.png	PNG image data, 106 x 150, 8-bit/color RGB, non-interlaced	1C13BCDC915E80012AD5B91E87CC2400	BB87C2A826B4765770162853AA8AE52826D21F89	65DECB3FFC0DD2981C4922DABA1D29144BE720CECE3C76409AAFF8218BA10A72
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\pdf_printtemplate_thumbnail\3.png	PNG image data, 106 x 150, 8-bit/color RGB, non-interlaced	1510A044AF6288D7C25D4EB23CC56FFC	3066819B058585FAD224022EA0DB874866982DFF	811449270014DF9C374EC4B4E78E3F01734CEFA750562BC2EE933AED0EBE0047
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\pdf_printtemplate_thumbnail\4.png	PNG image data, 106 x 150, 8-bit/color RGB, non-interlaced	B2A4987194478E864AA265FE0913FCBD	6421E81244415367CD67A623833027FCBC9AA286	3FE7DA7A0F26F0A9CEEED4A6FD55A041BEEAD6CA268A67B0876125C1C5208F31
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\pdf_printtemplate_thumbnail\5.png	PNG image data, 106 x 150, 8-bit/color RGB, non-interlaced	90A492281490B6C30BC94B367092BC46	5AB1DF5DE9E9DC928146481678435BAA0DE88CA7	864016D63750A291A0531FA8FCD12E4F700D52A7F9FE5D09F322404E7927BF35
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Art_mountaineering.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:09 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:13:37 2011, Last Saved Time/Date: Tue Dec 1 14:28:04 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	ACA996E3C2AE88D94087D0BCF2F0CC82	5AB58E0107F6B9367B24551530E2D4A1C238D8FA	44A73B75A510A9563E15FF5FB7880CD3747394A9EF200BA6AAA051EFA51E1D3E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Blue Waves.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:06 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:13:38 2011, Last Saved Time/Date: Tue Dec 1 14:28:28 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	A6E08E23DBE7AE19482DE53FD78D5ED6	924E64E5CEDFC5149EA6FF8317CCD0323BB43EBA	649E8D29670CD3FF6C7C912AEB35E132E10C4787FAE396A177FDDA14B20E2B34
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Business Cooperate.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:20 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:18:35 2011, Last Saved Time/Date: Tue Dec 1 14:28:53 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	553DCFA7614ED64C68F31C684D2874F3	F8DD79826C90B3CC958A8AC784D56B1A969BAF29	E799A779C47DAB3BB0F827FEEC6CD33548D3E9B2804C8F6D93785CB5243CB0E3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Communications and Dialogues.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:14 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:21:56 2011, Last Saved Time/Date: Tue Dec 1 14:29:09 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	8484730AB41E9D06F9999D9FA497BF75	69AC974CDDE8E4696EA8A775A1F36F147FBE6A3F	7A5903B33AD9641E5CBF97264D5FD9158C52C37DE01020FE5E3C5518EB20DDA6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Data Pie Charts.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:07 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:21:57 2011, Last Saved Time/Date: Tue Dec 1 14:29:20 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	49627436564E6C275A18B9F8199FBA57	38B598FB1185F0FA0210545FF4140492CA445447	02EBFAE1D84F616CC18D1534FCE502B113D114538C26D04084D628F843B666A3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Gear Drives.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:06 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:25:23 2011, Last Saved Time/Date: Tue Dec 1 14:29:29 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	18554B113A96EA3C689D4A68C226EEFB	157A6A4B3F9ABBB88B38BEA130E8704FB03D4FAC	5F16B2F5A53ABC52F6348A4AC0F8272DB44049A86EC53D1ECC99E683B6530AEF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Green Color.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:08 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:25:23 2011, Last Saved Time/Date: Tue Dec 1 14:29:40 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	560B5B3E2ED53E87866E853267A28ACF	3C404D92FF313AAC32FBDA5BF8007D7F01B79297	221B8AFAA317C722074C5223389882174AB7E60C6A93AC27D90F6AB9DC4553F2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\presentationdesigns\Orange Waves.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 936, Title: WPS Presentation, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:07 1899, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Oct 28 12:28:56 2011, Last Saved Time/Date: Tue Dec 1 14:29:49 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	6330B74EC4E0F7508A9307AA850A0755	D880BB0E40D533C3EE9DCECDBFFA0B6D17114916	60BBE1108B68263A2EBE60E1DC2537D088D7982881D6FAAB2CD2B6A7C5BE4EAE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\default\templates\printTemplate.pdf	PDF document, version 1.5, 6 pages	0933F911CD840CE826394C90A56942FB	C480007FB53DB255C7134E37A06A0964DC91478E	3175A2C83F8F2195D68CB2BA17F090E61AA24A522EC76158A3578B2831926178
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en\config\replace_as_you_type.cfg	Unicode text, UTF-8 text, with CRLF line terminators	6B676F3E46C6F05D93F5C0130E13A8EB	564C6723D038B21F78EE4A7ED9D745369AED63B5	B96CCA1B657E9805A49B153E2494C82DE4A2565D1B3334CC7632D52192101828
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en\lang.conf	ASCII text	A5EA64503A7D5644ECB004E51D628B93	A7489D98327FF33D7A6A1346C986E692E835AC45	6F88990F089B750AC283D6AE5896C6EAFF8097E39899A6B195993AD8E9B40356
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_GB\config\replace_as_you_type.cfg	ASCII text, with CRLF line terminators	5E5CAC3B0CB85BE5196AA14773F9E59E	BB48C1099537F7B2317CD699DE4D89D7EE5F3048	415AF612A3E93679761A0D8ECDC51B81D7C2B912DD4172CED629141E495E7C7F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_GB\lang.conf	ASCII text, with CRLF line terminators	F460C49823821E3DC29E22CFD6429711	5214AAB85320FD1982EB9A34436CE5F5A52B64EF	9A17F2613A186525331C5385338277425B0E6A345C770BD7D5517DC12194BC2F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\config\numberformat.cfg	ASCII text, with CRLF line terminators	B917D00D442D50A244BF66C75F66BA35	102F6FB257A247840A5C930FA81B71AD656C4F6A	7A14AD8B440F29AC5BEDF1957C3DBDF033B91E3520011EF7A1FBDC6827D419C4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\config\replace_as_you_type.cfg	ASCII text, with CRLF line terminators	57B391028A64C5DFB0AD1F8A9227B254	4C2F5D89C2CCA85442903F31C687ECB205735FAC	00451A986862F4ED76C5D835AB7DA3BFB6A1468AB49E95AFE6B2D33C5B345EB4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\config\wpsfieldnumber.cfg	JSON data	7215CAD7132F83B0584F68F23C8EF9FC	85FCF2DF2A80C0A5F620AC613BD08109CCCFAF11	6AA058014FA3DCAECF193C53D1A862BB7FFE15C7818EE21749D392D8748ED6B4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\lang.conf	Unicode text, UTF-8 text, with CRLF line terminators	667AADBC9C9BC9881EF779A40D27A4F5	29E8053A0D20D8A303E5BE215C35F7721F68B270	9AAA187F77CDB4C5FD704DECAA8367DD4321F26AC60278FBBDC1EFE06AEE9FC8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\resource\help\common.chm	MS Windows HtmlHelp Data	D78551DEDD18DB7E158DAF775EFBFBBD	086A39CDD6660CDFAEFB09B3DB5CA6B9819A05CB	8D2FBF57E568B27EA5C8F8E2DCB543F08DC23AEB640A4E31CECCAEABDDA3EE16
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Business\Natural.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: (d, Author: rach, Template: 3, Last Saved By: kin, Revision Number: 2, Create Time/Date: Wed Oct 27 10:02:00 2010, Last Saved Time/Date: Sat Sep 10 04:17:00 2011, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 6, Number of Characters: 38, Name of Creating Application: Microsoft O, Security: 0	985F30E21FB443BD21FF686367FD3AF3	116EE07DB1DFBD3A8902654ECA11979562385015	1B50803EE4F353BBE2F538276EA7370F0DB95D64281469EFD0251C7F641065DB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Business\Newsprint.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 10:13:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	9B6C2CB75D05CAD8916C9EE594BBAF14	2B09E86BB1AE2A6DFB809D0B7CB7DE81C8853E24	2B86490BBA9B252E06FD399EEA525B6E4F398064DC37D1BBCFB57CC66985E217
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Business\Standard.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: LOGO - (com, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Mon Jan 31 18:27:56 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	AEB846A9F49A550C11DED8A3A19F65E9	88211E70D222B82FD95FB81953BD752DB3219E4E	91AD6BC495C6E0160C6BD47F11E02B39B69CCD754454F63541A0BC087BFF57C0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Resume\Pattern.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 11:05:46 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	575BA64FFC8FFD14312725F30792C1D6	9553A3351FCE3016FC69D70CA7D4F715511053F7	1902BDA413C32CB19A1DA879B6FAEEB5C91898530A54FE0088D12AABD0BF5887
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Resume\Puzzle.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Mar 2 18:57:06 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	8A8FCB932F9459F15D3AFE2FC27BC02A	443632EAA096347A6F5CF818CBD64CA7787C1E70	81573C20775260D090C561AAF010E5130183373BCB342A6002A6A15CA274515C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Resume\Sailboat.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: *, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Mar 2 17:56:17 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	B42648C11EE311F6C5C4EF843302DDF7	3EC8EA0224081D4F0DFB6E52F310B34D47D8E69D	6BBD9E968B8CD91AC4FD5EC625DBD3E009EF129479218DA8403FD028ED4A96A0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Thesis\Line.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 17:31:29 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	14DE453CBF73E348714BB8D214EB9F34	5AD440864E4A0606AF7DF986233D9853E6EB1A0C	C45663784F5D78CA1AF72CA943F063BF613631DA7A93B82F27EFFF308E4BB458
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Thesis\Pinstripe.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 17:07:19 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	8E86347F1B43CC9B70E4017D393D6F4F	4D8086A1E58A948F5323D60D41EFEF61ADADB110	F5A12D1751A879EBE329AF04DFBE45727DF7C2B04BB396EBA283E72C29D88EA7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\lengthwise\Thesis\Professional.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 14:25:34 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	2443EE9115B5E8DDA743461DDBFADBB9	D3A329EA9B3164F3E9B1DCDBA26E01AEF872F5BF	A4415030CD05065E0F68E62F254F2D4BA2CD6073AF0DEE5D617290C2BB405278
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\transverse\transverse\Line.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 20:14:50 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	0E226C96E8559ED1D44FAD6BFBC747A0	C8879E6D8B5FD79194D983AFF074074D0ABB0554	1F565F0980BB91BE4EFEF7E3707A802821941A0D85ABDD18346B9937FC526A9A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\transverse\transverse\Newsprint.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 10:53:54 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	F435647BC5AFAAECF0BBB0B829CB104F	A8F23979AF80A98F93B59CFED65FD4A0A7CF98F8	990CE5FF76E387A4049DBA1C1151CA81ECD97FCE34678BF52FAC0B40A9B663AC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\transverse\transverse\Stacks.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 14:20:10 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	F567C0F73DFE9C528FB90AEA80C1EFCA	C1555B288A8783171FD3D2BFE21211172C465BE9	4DA423419ADD27D44E147E666A6675DAC9DACDEF5B6A309D7C77F58F0899A053
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\coverpage\buildin\transverse\transverse\Traditional.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Mar 1 13:56:45 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	C01A2781AEF6B3C6C6A5C67710958FDF	F0FE1A972258E5D4F833C2D871E868F6A0AB9328	636892AFE20E3946CD3C712499F8DA36E22F58741586FBADC5E6DB5587DDC78F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Business\Business_business Affair.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Sep 23 16:07:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	333E1475D3E5059FD6619D3B4B8AAF3E	4F07C2936EA8A6A3AB1AAC2274A0B33372774495	C8EF577C3C2186A4529192EE70176BD3B6F45B9D207270FB49A326F1BB2481B4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Business\Communications and Dialogues.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Sep 23 16:07:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	2C4089D65490FB26E03DA1BC52FF3E0E	31CEE2FF061F929449A9E16BEC6A566A195527CF	516005FFDFA80B0029318BEE367C2B762258BA7680716C00A478D1FD5478F0B5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Business\Data Pie Charts.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Sep 23 16:07:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	300B74E05E969F275D8B632850D347F8	BF622525EE9FF7E7A1ABE49512320AC0970F02F9	D5798B92612698B1D5F116860B2D4B053A3F693E33968BE6BEB6DE34D01DC469
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Business\Global Plan.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Sat Aug 21 12:07:14 2010, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	AE9636233A3FA511DB14493EF45C5221	06FA528AACCBFCA7D8E017B3F77846ECF8F67DDD	D7E0C7DC4E32A61D6FDBC832EF915234BE21AD8B5AD4FA30EF645B08BA43118B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Education\Books.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Sep 23 16:07:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	55F6297E69A7E5EFF699419E48CC0995	D045261CC2F2E443ECD248A9077F295194C6A015	9375E32AFA2657FB2AD2E8EDDACFAF46899F641FB8BA8D90980A267359380EDF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Education\Daily_loose-leaf Binder.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Sep 23 16:07:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	10EBE4DA733F565F9E9389CD4D87311D	C9DD8A153BA7D0995A664FC2FE09920C7402B1E2	216DC99EAE3C5CD9FDB426982B3947104BF1DFD51C072D6BDEE769B4B9E00F85
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Education\Small Blackbord.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Sep 23 16:07:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	412897C35DD217F1B5E3EB44BC3BCFA0	E44BE493F7702167F8B52A939A8948F58430599C	F818722D064C336F7AF2B4AB6D12E9A2C1CB63B4B8E82A0DAF30EBE0B5C27B52
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wpp\Education\Stationery.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Sep 23 16:07:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	2B70B7FA2EDA40D6A1F947F255A23744	93F2BD297DE2453B206AE22D657EE5664C232C16	AEDF5B2DE3F0EAC89FDF296F67A2D14285FBEA1DA37F724A701CFFFE53EE7029
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Business\Connference Announcment.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: CONFERENCE A, Author: Kings, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Mon Mar 19 16:38:14 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	30679690246A9BD0046F59E36425A8D3	6D0D49E533848CA91697CA450D1EFEBEBEA660AD	C79D7D96AE65BB1E50A57FF3B56ADE86123B177EA07A87BC0C97590B634CEF35
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Business\Memo.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 1033, Author: Dav, Template: Memo., Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jul 11 12:29:29 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	12CD5975B62F3C07157CD27B99FC0516	91086BC46546EA10B5ECAA5DFBC10A545EB44FB7	8C1E5A7891AAFBA1432D01D1E2FC5E4C9FD51751C876EBC437CA204ABF40248D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Business\Memorandum Confidential.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Title: Memora, Author: Joy, Template: Memorandum Con, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jul 11 14:53:26 2007, Last Saved Time/Date: Tue Apr 9 10:44:21 2013, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	FAD5A0235C16A4F2DF57D8C1AB32707B	B035EABD556620F2BE56B9D54E24795987304D16	13B8578D03FCF8C648A4339C22D059B6553F0BF04A196C159B75359676A2AB2A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Business\Patent License Agreement.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: Patent Licens, Author: liangsh, Template: Normal, Create Time/Date: Wed Apr 26 08:14:00 2006, Last Saved Time/Date: Wed Apr 26 08:14:00 2006, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	E204F85CA3316027104465C56D74699B	0676B02C290958917B466FB535C9B15F9EEEE4A3	3D1B1D4D774C743B0897523806BAACDC46B8125F7CD13440918AE58DD0D540F7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Daily Life\Standard Email.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 936, Title: Email, Author: tanmingxia, Template: Normal.wpt, Last Saved By: tanmingxia, Revision Number: 3, Name of Creating Application: Microsoft Office Word, Total Editing Time: 01:00, Last Printed: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Apr 26 00:14:00 2006, Last Saved Time/Date: Mon Apr 23 04:17:00 2007, Number of Pages: 1, Number of Words: 56, Number of Characters: 321, Security: 0	0B48851B5CE7BAD21512B2DDFAAE78E6	9155069BE1E7E187ECD39B2B6E30309E9A98BF99	5B77B8074DDFBFC913741239203152370351C5ECDFAE8435B4AB0D221FE41D2E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Education\Bachelor Thesis.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: Bachelor, Author: 1, Template: Normal, Last Saved By: tanmin, Revision Number: 3, Total Editing Time: 02:00, Create Time/Date: Wed Apr 26 16:14:00 2006, Last Saved Time/Date: Fri Jan 12 00:55:00 2007, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 306, Number of Characters: 1750, Name of Creating Application: Microsoft O, Security: 0	669044AB0158C9DA915969A0054C632B	1313F026756B8376976291505419EF9C65B7A5F4	54B7C601DCD45157419134C985BBF7693386182FF9E85A496F55E6AA922C1185
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Education\Seminar Report.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: Seminar , Author: tanmin, Template: Normal, Last Saved By: tanmin, Revision Number: 2, Total Editing Time: 01:00, Create Time/Date: Wed Apr 26 16:14:00 2006, Last Saved Time/Date: Fri Jan 12 01:00:00 2007, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 746, Number of Characters: 4254, Name of Creating Application: Microsoft O, Security: 0	13667A4E54F0B19E8F2CD6DD9CAD6568	06DEA6069F6D8D2EFB6742B9BC07976B7BC4D216	7A00C6BE1F359DFA21288A49EBFE13C3F303F63867825F129BA72F5F5C0AE8AD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Letters and Faxes\Business Fax.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: Dav, Template: Standard , Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jul 11 16:31:38 2007, Last Saved Time/Date: Tue Apr 9 09:41:08 2013, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	9D67C487BCCC9314F574ACF62DF3A368	3133273B5D938B75F187F8C2DD53E742DFBABC24	C9FA97B9575092A09BCA3A4D6327A29165C39966E9782EF82AA20DF21289541D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Letters and Faxes\Business Letter with Enclosed.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: Dav, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jul 11 10:34:03 2007, Last Saved Time/Date: Tue Apr 9 09:40:53 2013, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	176B06B52EFE473566E6FDAFE926BC9B	F1DF9F04B2D708E6B2913528BD7E955CE068F291	70C874B23E6215C07D95207FC0663214AA42449C31719197E5BB33E9CC12D32C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Letters and Faxes\Personal Letter.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: Dav, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jul 11 11:45:10 2007, Last Saved Time/Date: Tue Apr 9 09:40:34 2013, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	881DC487B4468630ADA9717CFF8012AE	566D4F067C0257364C471A6367AC42B289D2FC9A	C49666F2BF375BCB9E636784DD6F4F15FF9A844B76738C80070356C485169BA1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Letters and Faxes\Personal to Business Letter.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 1033, Author: Dav, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jul 11 11:45:10 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	32E17100F12DE3F202B9BB16A392500C	0F83EEFB20795BF2989C8000747AF1FCB11051A9	4394D0667AF04CC526C3C7EE98C0B308E9AC485A2101FFB7DAE7684DA0955275
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Letters and Faxes\Standard Business Letter.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 1033, Author: Dav, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jul 11 10:34:03 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	2422039E7AB7E8555979CF678556C2DC	D603F3DD7F4EFB60D253C07D3ED0663981BE2B70	F13A68EEFEEF56BE058CD24B77EB482B5D8635F0BB213D5EDE6639408313883F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Letters and Faxes\Standard Fax.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Title: Fax, Author: liangsh, Template: Normal, Create Time/Date: Wed Apr 26 08:14:00 2006, Last Saved Time/Date: Tue Apr 9 09:38:50 2013, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	8AB0D53E4A6BDF27F22EF61A3E6926A0	8F5F4FFFEE629CDAE5649F0292874D8365B6ECF6	91A1018A10F8C09AA2627F0CA448E1B2CE16724B400782C2624B5CE312262EFD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Personal\Cover Letter.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Title: Cover L, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Mon Mar 26 15:55:04 2007, Last Saved Time/Date: Tue Apr 9 09:47:27 2013, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	EBE19EC2F1D9075BD9CF9C973FF49F70	C7F4FAD15971C2DB164E170CB9A77F38489B9F30	7B1377ACFC9CBAB18ACCB530EA6B61BBE074C8D6CBA56F7EB0E18352081A7DAC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Personal\Emergency Contact List.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: Emergency Co, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Jul 12 15:18:21 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	1E166B7985C7C4C166DC51865C20A2A3	3A53E433358796F4879E33720C056B3C1BC60153	A4DD869DA81AD68CDCEA159789BC75315077950C006B460E2215C64356B31C62
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Personal\Functional Resume.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Title: Functiona, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Jul 12 09:34:26 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	435706A453FE3C2EF66372E87A96F8C4	27AF3DBFC1720D65CE9BE56FEFAA86674E96F8A7	AF051EB483A1DB7D7C5311B59D425F24277EB93BAF93D358501885741884DB9F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\en_US\templates\wps\Personal\Job Application Email.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Title: Job Applica, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Mon Mar 26 13:57:30 2007, Last Saved Time/Date: Tue Apr 9 09:52:08 2013, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	EFD8A1985B817E1BBB8BB43E90C5D3D4	1160602DC166D3EA961A2ED4B7423FAF1A6EE66A	B913C153F0E5503BA07991995A16097C0A7F864681D261AB6C76A04B07245C31
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\controldatetimeformat.cfg	Unicode text, UTF-8 text, with CRLF line terminators	5414C59714FF19561BB7E7A70BB5F7D5	80086DEF91A2454CB0A6A09F37439CDB56BD4C22	C4EC93283E4EDE762EE56E4105BDCE1E7D6CFB9FFCD624F20FCAB1EA36547850
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\datetimeformat.cfg	Unicode text, UTF-8 text, with CRLF line terminators	5A701887BE02E821D7E415889629059A	080193B57B591F8A36ACAEF2A7A1C45A3E2EEFBD	D83076755D980F41A7751F21C38D4B000975D0A2B667420635BEA45EC3A58B7E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\downloadIrmUrl.cfg	ASCII text, with CRLF line terminators	46CCC9FD84D15D542019A33C2C7BAD6C	E110E9110CE5DDB97D0145D60F93ED5F9D7515F5	EDE6BF9D7633C7DB2261178292852B126B4A3D3710F328589AA05DDE5183B7C1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\etfunctionhelp.cfg	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	B986CED4660945D4EBAD2AE3329EDBB9	30E1262D1053EB58A9A2BF822180A532E5126BDF	ADEB7B858D98D0B88638654BD002BFB093D52DC16E986467E8D00A9F67A9D9F5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\idstr.cfg	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	98135AEBC9FDDDFF4331B26B1AFE22AD	7BE956BFEC850808379CFDD5123AFDF55DF6D8DD	A7EED57BE94FD5D978650F1130DBF75E0313CF77D19748FF79A896B7FF848701
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\localizedfunctionname.cfg	ASCII text, with CRLF line terminators	D7FF6911FA924D0991597E78D279F29F	5CBF9831EDAD4E2C6EE8916CE4930275E8FDDED1	079807FAE3D93F1E7350EE6D322E67EB80C243F3523BD5F520A475869EB7777D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\numberformat.cfg	Unicode text, UTF-8 text, with CRLF line terminators	21E3BCBFBB74466F0B7910DE26E4E56C	FCDA9A97038CB83FBBFA16EF7106DF9CEF65010D	3626DA5926CC0C08E037374E80B3CD6B339822BA01BEAC4A27BB7D2BB104FDDA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\printpaper.cfg	JSON data	74E8F0D0AFE6BF769F406B8066AF2864	09B3E9EF1E777FAB7A87FDD5C8789388ED43FAC2	AA6014E72849D62C65581F73CCC22D8CA58875C031A4A9C1EDCDCE5C46C4791D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\wpplist.cfg	Generic INItialization configuration [BulletListGallery]	C1609A235060D1E398D62519CA5B389F	CE322BC58D251E64E23BBF70A582151BEAE9649B	4089E688FF3247E6F99913311156E523F0AA0E55F24ADBED4CE75F2ABD8E4CFD
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\wpsfieldnumber.cfg	JSON data	14BD220BC6F68B11EBE03BC5D5BCA871	10DFE7ADD5661A6C5BA48B3E463D63232D346E01	B106683E536D1D3A9E895AB19EEABE27A5D3D073E12867BE938ACA723E80C121
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\config\wpslist.cfg	Generic INItialization configuration [NumberListGallery]	39517CB1CC30273213610063BDF05FCF	1DFE2802C61D7E6D1F1E3E3E521581C4BEEFB789	5C8B072B80C551C8C46EB6DFEAD2504A35817966FF01F4E0500B35BDA9B91887
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\lang.conf	Unicode text, UTF-8 text, with CRLF line terminators	189946B46A2672118443491C1EBE48B5	87D3D1A38211139B469A33942C3295B8E2ADF218	058E1694FA70D0F7A6470E9392EB82E14BB6C56684E77DCB4FD5CC27BED4172B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\big blue shading round.gif	GIF image data, version 89a, 40 x 40	E9354094D580F9ACE011DAD8A150FEE8	2EDB63181F75E3E4A1BA5EF25DC2102B879C7B94	916F13CD6DCFEA686BDC89C9F2912CA8D30B839F885212FEA82FD0F51AB80B3D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\big blue shading square.gif	GIF image data, version 89a, 40 x 40	F7E2CC69E2A945DBFF37EAEC9F6005BF	18B51369C628650E2541747FA0F1ECF5C6A3873D	A0EEBFA7F30E9147D07AA96B45515BB71710419551F7E624ADD40129ACAAAA1E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\big green solid circle.gif	GIF image data, version 89a, 40 x 40	50B119B26398D7DEB08975CF38070F5E	E902EC5519E3A08DA331849685A7CEAF919AE4E9	F1C4A76C4F5001A5323BE30B79C423B7F83F8AD2E96840B5305CD2D7DC87F37B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\big green solid square.gif	GIF image data, version 89a, 40 x 40	105FB75F3D3B468153C6463505CB069A	B9FDC5402FC3278B85896EBC8044DD68A9D80D6C	AD11B96A88821097400A3B35F5FB853429D3691661FEFE20A0A9CDE5C1C3A28B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\big green square.gif	GIF image data, version 89a, 40 x 40	8F74747A1370E4623BEF65A06F6585CC	BFF7E0C54725452E5CF4B8EDE4C5CD6309528991	DD4DB517B0BA944AD86A0F99AD6F0FAC0CF6B5D776600056FE800490012451B8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\big red shading circles.gif	GIF image data, version 89a, 40 x 40	5CD9BDFB8215A187566D7445E11E0A1E	C73ADC31E3E9AEB5F92F06454F0CDA04ECEC5017	5029D6A9ED9245FE94AE7E50766525BBAD811CED0DA619AE8F1778E2280D5B02
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\big yellow solid square.gif	GIF image data, version 89a, 40 x 40	F6690B011721188746E18D132C003B97	9D51B75BEE712DEFC525DCE969D328B0D008EBE6	63A9A57B35166B252DD5FF9305624C526729B9E723E76695E46518CEADFECE12
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\black and white texure square.gif	GIF image data, version 89a, 40 x 40	8D023C70D46690C5EE72E749875BD38E	B697D628ABF4F9DFCE8BC414EB96F06B47358935	00507013AB91D9EDDB6927E5A7228A2316507AA592986EB2512F8329C96C71E0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\black echinus.gif	GIF image data, version 89a, 40 x 40	342FFAE9402D70DDBC048767C15C7831	2F99B1D5790FE78C798939A23B4C91E89700E565	70CE12F7E8FFC85852127A6B963A6E1462003B6EC14B86C3A2BC0A7CF76B8BDC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\black gapped pie.gif	GIF image data, version 89a, 40 x 40	92593076C258461E80181736735E3D1F	632B20F8DDB7BB3D64DC85DE9A6F121AEEDCC897	43AA3032272CAB0E844B33C1541CC894A8C389C8D8CAEA7DB6857091D3286BB9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blob.gif	GIF image data, version 89a, 40 x 40	465C9E6626ECD2D1D580490ED7EDCF86	C47E2DAD65372E7CFDF5FF3F8412C78B9B77566A	432A0EED2980F6590ADBCDD846826A72934FA3029BC5D85A47F26549ED08D0AA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue annulus with square hole.gif	GIF image data, version 89a, 40 x 40	B0A14E9283F462CE59E2FAC3E56E8E1B	BAB26A5EF542079F267DD248EB8EF545E13B8920	22D4437FC33AAB195EB122ED8EDE56BDD83624D7140C0F6A5971FF78CF4049F5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue arrow.gif	GIF image data, version 89a, 40 x 40	8313DAF7948EA53D01C6BE3646004B51	A08F255533C4CD2F2751E9BBDE26F21E153CF28C	0817CA3F6921FCB1D8F3E5BABD4107A750A8F49C5170F48DC1517AB79E4CA263
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue diamond.gif	GIF image data, version 89a, 40 x 40	AA5D4D71DA44A0DFE87B4B439043D74B	5E5BD5BFFA5C729BD07A17D4C2365F7C418F5EF7	283E528CD1C250ED9F3C085064A410D34A9FF68F715A5E978F739171C1B0E1A2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue donut.gif	GIF image data, version 89a, 40 x 40	581199AE3509440E8BC62704F320A507	3442978789239C4905E058C67D7EBB89F594AC52	5179D79B6F9E900F0A80A452140AB82762C9399F422864D81B5D53D3FECEB85D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue flower.gif	GIF image data, version 89a, 40 x 40	305B63106A184E4CACAC923EDBD907C2	4A3EB6268FCE76C7746DB7D6A97EC318207FBA4B	3300F6E6FE0A01D57BF8BF3F4030BE5D08E64F47B9FB4496B27853D889D7A661
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue horizontal-striped round.gif	GIF image data, version 89a, 40 x 40	21C9BF8AE6E8DB1FB02DD9C13026C4ED	0742CF480141571AFF6CFAC7A6DCD02A67575C4F	12963BA4D7DEC7051C816B27E843ECBF16126FE197883823234203F6B79500EF
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue horizontal-striped square.gif	GIF image data, version 89a, 40 x 40	0D620CB34E7D83BE0C19E848502B5633	E0FBDEAA07A592FC13E1A015BF7430B48722DD36	CFDC59055C5694A41B9B99BF959B33D4E70372EC7E21F75685B1D48CA91F67D5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue solid donut.gif	GIF image data, version 89a, 40 x 40	3E58DC48C8391CAC609276F733A32B5B	DD26BF113DCF918EE0F0D796791D53C293E07AA4	7AEE09B2D7D807A0D84440FDF266DAB84FDA68933647694B9B923B9337D1F71A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\blue square.gif	GIF image data, version 89a, 40 x 40	F7B3EEC401E4099CDD4090E9FF52A328	BB2A0D8D0D48DD8EC2FB109E8B850DB142184242	3C5A3C89EF61F17C84A3AFD8951B26E54243B560001DEF0A45CF5C0034AA9F59
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\brown square.gif	GIF image data, version 89a, 40 x 40	92F48D6119A74CB715353D224375F4F9	83FF196E815183F86512A8FC3D8E4CC9377B2F56	32798A79DD9295681E00BCF4B877DC5541A14F9EAD38F45EC405AD3A02E4F222
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\check with check box.gif	GIF image data, version 89a, 40 x 40	830E5B4512A1E251F0862AFABA6657AC	DF585C7A31E0E00A03C73565D2D205B473AFE661	82A21ED849F5349AD387034AA22A63869271E6158480D75344B4C0CF4C3DA84B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\circle with shade inside.gif	GIF image data, version 89a, 40 x 40	3DB5E4B51185F354AEC19797CC39623F	F7ADD223C622EFB74D539878954288D48273FDD8	FA66B7362C6B65C8FFA051F141EE88DB4AD8CD9F1F674A5A70FAA50EC63CF58D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\cross-focused round.gif	GIF image data, version 89a, 40 x 40	24D2CF3FA09436022D4AA687E778C37B	749CCE22393E1B7BD739FAF9EDD7A6612D80D603	6BCEB1F6C3225A0D52D55B84479DD25FE2625962D8E0E806DBB39B622147E830
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\diamond cross.gif	GIF image data, version 89a, 40 x 40	E1AC34B2DCA9312BFC915E5724E25C7A	72783821B401810FD9F908C5E71DC74536FE4259	BF21329B8943FC5428C2867FC3466B876CE7A1902F17693D2194CF8EBDFCCCB3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\double blue square.gif	GIF image data, version 89a, 40 x 40	86C4EFE7C18ACA8A7B888BC78CD9C8DE	6A2FD6D58212A0E49DD2C2F1373AB2101A091271	F3BD3DCD247DB79D4A04BA20556BDA563177DB24B3304757AFFFDA0FA1B74A94
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\double orange square.gif	GIF image data, version 89a, 40 x 40	4A603E3A72DB3D6BA24BD921080FE0A1	EA237801A905E071373FF9F39E788CF9E9DB99A9	9DDD6FB0496673D0940ABFD019D04A6D85EBE018B7BFC03B58B7A31EF10DDEC8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\grass green texture diamond.gif	GIF image data, version 89a, 40 x 40	B4BC23E4251851AAF0AEF4C922550136	D8C7A69E349D79CA68CE96AF75515472B26F25A6	427A79427896E26FD0DCAB2894A3C13F461A7068A87AFFA03C488717EE8A358F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\grass green texture square.gif	GIF image data, version 89a, 40 x 40	55CF55DBD15E0654855A923942D83D5B	A9808C8967E4F0BD2000B80035388A2D547780AC	74F251D269C84EB059349365AA5392BBF13A3299D903F221F2DCA5AAB79F31D8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\gray diagonal ball.gif	GIF image data, version 89a, 40 x 40	EC9A5DCE3D3FD91F741883EFEFCD77ED	615374E7CFB99CDBC3EE15287C9954FFC4452475	D6FA7689E21826AABBF3EDB0E4F415661AF703302C6F103410E8CE25DFF1BD73
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\gray solid round.gif	GIF image data, version 89a, 40 x 40	1FC34B619E38B92B4BD25B8DE9D582C9	FB8A63DAD5C0B5D2A8F5B0EBF156A2EB93F708D9	F17CF765ADAFEEA542F1F4C68C6176B461DEB508A7D31E7D2100259CA494FFF0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\green annulus with square hole.gif	GIF image data, version 89a, 40 x 40	EBB1AE93CE729FBC5B9F9414F6BA69B7	B3086DD46AA573C7128FBBCBF917CC34D63B13BE	5C421B620AD7AF3EBF4FD265F7F43AE6F8278ACFD03A1B38E5F6DCEAF0B8F695
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\green diamond texture.gif	GIF image data, version 89a, 40 x 40	FABA52AAA5464989EBD3CC5E5B65A5DF	9C306EC84F017C82D139FA7417785EA6BFCFC95D	64B01179521EBEC92E0E57E5DC84932A2C7D2FA325304461231FF861455C29A7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\green solid round.gif	GIF image data, version 89a, 40 x 40	AF57F8894453CD4EBA64EFE86AA9A958	F8B1A19A98E3FDA941368F927311059D5C9EF18A	D566F910FA9F8B262E6782A37C4D90A54994A72B4C55953642EAC781C590BAE2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\orange diagonal ball.gif	GIF image data, version 89a, 40 x 40	E1ACE108E6D36C14849FB94A5C2E202C	738F9412B89D1C648D54499AC9DBCEF348D45D04	F6EB6CC5DF994ABAE65C6464F7F02DB6470AF5EB37F00F1174DAE10CE0C5A2C2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\orange diamond.gif	GIF image data, version 89a, 40 x 40	896E3420565833E02D9FD58D0201E1F0	B42E66E913C3AA3EFBB94DC125C7914698436D0D	92FF05E0D883FBAD2C34C115E32202600CCB3365C8E1AA41BD145F1290F011B5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\orange snowflake.gif	GIF image data, version 89a, 40 x 40	235B60BD76DCD9A1EC97BC9EDFDC7CD7	7E82A6A718AA49B7C51CEF5700E58391462E22BC	1A165BD838012BA2FA6EB61830594B2DDC21FF764F3620B3A010B0A47B532A10
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\orange special texture square.gif	GIF image data, version 89a, 40 x 40	4BD2AF423C18396A0FE39EABF8A3083A	F08F558E171D704A86A3D2076928B0793FC8A04C	F8DA12494DE0A5F227464A272636548CA2A531A3AE3CC7CBF95C417C70819375
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\pink shading square.gif	GIF image data, version 89a, 40 x 40	8CC765666BEFEF88EB4C266BC58B1E66	50881622A7766566B3991FCABC1D51482F679416	72AD9F45C2BBBD58CC6B486AFF80ACEA935F34313FA147D6CDE4C4E47C2E4084
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\purple snowflake.gif	GIF image data, version 89a, 40 x 40	BC6589AD22EE185C8891EE5E2F611018	52823C9DBE7ECA8719A71F7CEEFF744EECA40DB2	629D784D237A5EA2C89889FFA4A9B84609E4C073776F10BCCA843712D5F14A42
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\red arrow.gif	GIF image data, version 89a, 40 x 40	8E1352A6142D08492DC3EDC1D088B937	9B68F295A9FF6F8AB15A9D826BC513BC73E011DD	79D4D8E4675FE4E8A27046E78A2D83858C060E8C70A36688D74AB29B7F7B2205
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\red echinus.gif	GIF image data, version 89a, 40 x 40	F45CDB1C415F2D5A36D2035321798BB3	591CD0B4B52D38BD911CF66EAE1AD7073B5E573A	84F69E37FEC0F8DB1B1CEA7BDEB5CF2DB002CB037D3B1FFB3B974FDBD3A80263
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\red flower.gif	GIF image data, version 89a, 40 x 40	5110E624C660096E958AB91C2482B203	479E6D8C555A8596F91F4E8B66912351A956D639	9C1C32B9454E7ACC66FA302FA51B8F421A706324EBBE3E73465189AF42D9A87B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\red round.gif	GIF image data, version 89a, 40 x 40	148F573CA856F6DDA99C59251AA9D781	11D7F2E6CBC3740CDC4369E2D075B67B59AD0B26	15F350B5CC512D0DB8A1839104FBA471342A127403CE17F72F4C1FE4FD40C08F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\red sunken round.gif	GIF image data, version 89a, 40 x 40	2C39B6EB344522E609ED8249AAE3F6C3	3DC6F81305141900ED6814E1E263B36CAC4153B5	46C8EE3592B3C43E734E362839B21FA8BC12DD0C1E518EBC59058E6ECA301742
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small blue circles.gif	GIF image data, version 89a, 40 x 40	8B09DBF0E24A6210E3BA8876354766B0	1A396C151E7A489CAD26C8CD903CD01CBA4A5ADC	D846EF9796D089D7666A5AE064D84727FC9C7794D8CE7D2A4E4F50323588AEDC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small blue shading round.gif	GIF image data, version 89a, 40 x 40	B07D225C5EF961A5D2556CDF2605F04E	33ED2D56F29C26ACACE81FD1F985E9B35571D0AE	159AB7B416FB7C7F55A725FA29073309986F38D2FE9D4DF5285A21A8A05EA1D0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small blue shading square.gif	GIF image data, version 89a, 40 x 40	47BDFB221F4D0A07646838A50CD23A82	05EB1315A244BD778F548F945C157F036287EFCE	DCC7DCD558757BC9163892D50A79C37421BC82645CEB7D14143E299C6D3FA154
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small blue solid square.gif	GIF image data, version 89a, 40 x 40	CE36E37A281E798B762C49E675385758	E9531C5742455B51FD861975559B494D9F109E97	C3EFDCFED7FD90F34E84D42592DC707AB9C6BD4A8E5DFF4153C1A2B970A77B75
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small gray donut.gif	GIF image data, version 89a, 40 x 40	C8AB24B964B77136877EDDF5C2671153	A4C7BC81983B45403ADB0A17FDB39641CF478161	093FFE8F1CAC986EC33EB443C366940DDD987AC908030A71EF4B467CD98D7C69
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small orange circles.gif	GIF image data, version 89a, 40 x 40	2BB372E3D5EF9F67B886485E5F87E96C	EA5C66F63611607CEF50D194C660B1600C0FB335	2C35CD1DF48E471FF35CBE0F55DB6A02EF96BC644290938EDD3511E1C6090DC7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small purple solid round.gif	GIF image data, version 89a, 40 x 40	885F202E01025603E39B6DF7FA5C8D52	1822866FCCA42A24D08190704BF158EF346FA2AA	24276CD4C9B97BE5EB86C821009A0D4D3DE3A78CDD65CC66D8D9782F63A4EDED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\small yellow square.gif	GIF image data, version 89a, 40 x 40	2BAB59CF8BCBA190E9EAAD1E2E399E65	9F23CDBBBC2E29A60DA9DCDB61BC17B93B4552AA	6C308A28C47DA8E395B6FF5A804404F2F9260B15F94E4E1843260BAE652D8C1C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\square with blue hollow circles.gif	GIF image data, version 89a, 40 x 40	C636ED9181D2F32289E6EA1DA6D52EAE	6C79D08F69408AC2504B448E63F7A012CA13C46A	F6C13B798A80334746DDDCC0F3FCDA4B19BA5D586ECEC6AB2E9D3D73CDE6BB31
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\yellow check.gif	GIF image data, version 89a, 40 x 40	99DF6297642260D8947DA3F21303C0EC	9EDD5D63FBBC8928887B5A523668A63CC64A982C	9BA24D0E27D4E9FF15BDF88F963874D731982691F7A908BF19D8BDCA36018AC4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\yellow donut.gif	GIF image data, version 89a, 40 x 40	B844B0FB008172278DF6CF1F105DBE73	EBE86AA34B9EFDE846E8D7984F866AB4874C1B1F	23A0ACA8DB64F56EBB3465FB1AEE3BDAC8524318F1AAF71CF7D977D213FB167F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\yellow hollow texture triangle.gif	GIF image data, version 89a, 40 x 40	F81CABE3A8F7D49980454E7A45A7CCE5	63048AA0830D4FF2B3ACAEFD751D434A218210E7	42B958A35DD9B7E2FDBAE6D881477ECC87A82872BB41B7A72CA62A2FBB81F1ED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\yellow solid arrow.gif	GIF image data, version 89a, 40 x 40	81DA6153BF5CF2566266BAE0E1AA88A1	BDC64D786BFF0C53076304C16C9AFB75027D1B65	FACC02B840B7EB98C9DF883DBBFED7B9DF840179DF640F327415C8B5BB295C96
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\yellow solid donut.gif	GIF image data, version 89a, 40 x 40	8D17CE80300EBA9C353A15CC462B8400	DE6ED952D05AD4A7995FB291CA4D366B206C091F	89FF9B8FF32A5F7688EEB31885116B6405ED9416686481A62536E489C373A998
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\bullets\yellow sunken round.gif	GIF image data, version 89a, 40 x 40	F7A74A4E97D8A58A8DD9F3561588A0A3	E94781458A1F9A47435A30CCF4C6CC298CCCAA35	7F19A40F56280A01EE4355F077ED9FA8B967F377BC6B6B1489C3DED2D0C77EED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\charts\styletemplates.gst	data	03C2D8F12BB990254E6AD68AF7AC4327	7EE46211550D48A4D820533116D8468C8EA26650	8C3E543DDAE8886AAB67A1B5B4E02BEFC11FB5512D6E8F51116912B76DBC5D02
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\help\common.chm	MS Windows HtmlHelp Data	CE36C96A6E808CB7BAFD5C0851FE76FC	97DA363AC337B67264ABBE19837E939CAC633EC5	70060360E67D4EE375212FFC993856BFBD77C69D4237991A5E0D6E52DA12473B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\help\etapi.chm	MS Windows HtmlHelp Data	83C1C7ED020F93BB3CE800FA568364CA	EAC226E3E47E6E36E72D9F054E974B8321901605	59FAA2FA80FEFEB18B9E1C139C86B9C10D7EF6FBA5E25D39DC96FB90A2EC151B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\help\etrainbow.chm	MS Windows HtmlHelp Data	59D26C86D037EAFFB96318229B88D82D	773B7F1D30303528F7841121FD73F180DB78B32D	C58555F7925933BE1612A9AA20D2169EE9608807C91EA68A5F567856C4226E5E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\help\wppapi.chm	MS Windows HtmlHelp Data	39A23D0825E032B417D3B8B6CF782D58	B8A10FF625D3D2AE83BE8CE990547A11E4B2813D	950DA49AF1647E72CEEEAB05B20B96BFE80BB729F94DAE1EEA20A3E7CC1C7A52
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\help\wpprainbow.chm	MS Windows HtmlHelp Data	67A41997D9451FC5D35316754D2B0C5F	C4EB7D52DC1C73E5D4BC536218A8C02EC3E3A991	2A3013DF5C29AF39AA552EC500DBC55973B2D82F7033E7FF3F17674D8FBD7072
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\help\wpsapi.chm	MS Windows HtmlHelp Data	288F7FE2BA0E25BA27D918181C910FAB	9269522755958028A1440ED82F2215DD0B3819B5	DDF3DDDE1DE097294A9116CCB7906FB5430C0A56AD29A8177BB24F1E910C0127
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\help\wpsrainbow.chm	MS Windows HtmlHelp Data	880456E3CE64DDB2DDA74A938C7996FA	230D928643BF7A737792E900F94A9FEDC2B89800	0EC730CC2AA8360A31CF31304ED97CD983F5CAC48142D9689DB6E399ED1B8797
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\ksee\Equation Editor.chm	MS Windows HtmlHelp Data	4C02167B771C24103EE81022DF43CCB9	A3171F9A9E832CE3BCAD1246DC6A0C199691886F	2C62F014718706B0546E07FB71D6DD8A22E1D022D93633628B155C3F698CE4DE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\ksee\ee3.dsc	data	49857F0C2EB29C389385B101934086FB	1898EAF7379F8EECD33E61495E4A5BB19853DE63	43AAA62B9A750996D59423349F37F5FA35E4F9C2A68D1D4B001B4195A00296FC
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\watermark\images\user_defined\addwatermark_buildin_wps.png	PNG image data, 102 x 134, 8-bit/color RGBA, non-interlaced	241CC4D8AA4381F664901620D1E694A1	2258CA6D24B227F5364D20F1CB1D52007358C6F9	4A04E2EA7B27826AAE2BC4E638BFBDD3F3AD16133C21620EB33763F6C6AE6D0C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\watermark\information\preinstall\ORIGINAL.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Thu Aug 16 08:50:27 2012, Last Saved Time/Date: Thu Aug 16 08:50:27 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	A68672E62990618B5A9B815BED49F563	19FAB268D5BBBEE7C97033FA16AC608946E2D415	A9C613587B477760F697E9C7A0F30BB49AD43F762735B083A5BF9584FE4889B4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\watermark\information\preinstall\SAMPLE.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Thu Aug 16 08:50:46 2012, Last Saved Time/Date: Thu Aug 16 08:50:46 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	905C26DA493BB1AA25B8AC6B33DA5959	D8C27BDCC48470B3C5B11CB75C8EE39D45852373	E4CC8F0F87AFF88B693E2D57D0DD20E8E5FE4CE550EB6FDDCAF7FB0D75727C47
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\watermark\information\preinstall\TOP SECRET.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Thu Aug 16 08:51:36 2012, Last Saved Time/Date: Thu Aug 16 08:51:36 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	3DFA495E8EBB0DAA77B3DD8D46591350	45E76E9E9E204962EF1EDA97E9D80C1625DC6A1D	2EB244F4B13DB011A82802F59455A2E3208385D532D9DA9BF66240628E94B15D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\resource\watermark\information\preinstall\URGENT.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Create Time/Date: Thu Aug 16 08:51:23 2012, Last Saved Time/Date: Thu Aug 16 08:51:23 2012, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	B21D421B227EE421E706312735F70C1B	C6C4677293865582F7551695AAE336BE709DE7A2	A7869E4561B8ECE7A213D8A6BF3385D0E90DC4823FF52AB1115B35588A840372
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\Normal.dotm	Zip archive data, at least v2.0 to extract, compression method=store	0F39361898660C13D06B10EE85FCD535	C9CD2E2084A18CF6065BB246523F503403121468	150438F6C21E6634F8165F0251EAEE9FF209E83741C0760578AA92020A2AA615
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\builtin.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	1E0DABAC27668F0AA150F16F737AC83F	023D7AB16FDFA9E0E8EACD2B9CDA8E7D6FAFA9E1	9A8488A63951B810A94681CE0D696AEC8BB46139374A68C73C3BBEBC88B9DD3B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\coverpage\buildin\lengthwise\jianyue\zongjianyue1.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: oshi, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Sep 21 17:52:46 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	DC6B4AE24F42925FF936A2C5389FD5B8	90BDF7AD8B7C57FA305F3BEE609B23DA0D436CBF	1550A111A98F020143A83A64B8CE38A21656E64420070840B6AD4F9F23FEAD22
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\coverpage\buildin\lengthwise\jianyue\zongjianyue2.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: oshi, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Sep 22 15:02:58 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	1520AD43B92186BAFC3B0D94B0D79A90	E400D7AC8AFF7010257ED7FC9AE93B9853EAD69A	B176A53342B82E438A6B6620F75889F1C7229311FD81E8BCC6EE3FA265679150
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\coverpage\buildin\lengthwise\jianyue\zongjianyue3.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: oshi, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Sep 22 20:14:42 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	9F666917D1BE612FA523518AE9986417	EA9E253363F847EE9DE7D2301807D46F5F176A07	AB09C1C3A7910E449AA24255BB9842DB57DB0B0D17A2D7AD0F2C659DD5C669DE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\coverpage\buildin\lengthwise\shangwu\zongshangwu1.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 1041, Title: *, Author: oshi, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Sep 21 15:02:16 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	BB9537B3D554C9E843ECFAE4BA405784	5C5FC4C148DB4C06DB43CF341AF45B2047BAB9CD	B58CC2D58C237614986DF88A47CB39408E4483C9BF883F846766B0FB440CE8D8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\coverpage\buildin\lengthwise\sheji\zongsheji1.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: oshi, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Sep 22 20:47:11 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	9212E04FF523C0C50633DBD6894B6D22	00D7F27AA815879BFAD69012648E44E530071982	2A86673C37D8AB2B5032407B7825A59911D176CD81C884D855A2DC8865B5F768
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\coverpage\buildin\lengthwise\sheji\zongsheji2.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: oshi, Template: 4e7abef52, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Sep 15 17:04:23 2011, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0	D80E7287FE3B0A50F7700668A3AF0EAC	257AF9B96830794407577BC8871B5F893ED8A592	233BF06FDB7A43AA469348836CE050F6F535663E7D10DC65C81457F10B8C7E24
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\default.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Author: kings, Create Time/Date: Fri Nov 15 06:12:06 2013, Last Saved Time/Date: Fri Nov 15 06:12:24 2013, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Security: 0	A575ED010597B8BEF968A56F577762EB	EE6DF8887912BB7CD36A47E33BC73CEB900C2675	53B03DA79065B1D83E78B66B480FB1311117B11D84D576EDC4F78EFD22A2E24F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\mergefield.csv	CSV text	90A521707689818C944B92126FA4B471	9CC5C065FE04742C1EAB71666C558601EF286B3B	71A27D8C59ACC9F2867BCFA9B7323ECC8BD838B1A408C9653036154B608B8671
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\newchart.et	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: -535, Author: Windows , Last Saved By: Windows User, Name of Creating Application: Microsoft Excel, Create Time/Date: Wed Aug 26 10:41:43 2015, Last Saved Time/Date: Wed Aug 26 10:43:30 2015, Security: 0	CC1BC4152A33300B5682968ECEC21911	E43828104B0E76FD77414F9EFBC811C847745833	8C4EC67B24523FE524CA662D35DA8863D3767D99FCEE8C56223DCC7B316B90B9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\newfile.dps	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 936, Name of Creating Application: WPS Of	B8A5B75832F9BEAAEB1A621EE1C34F40	3C1D7F2A1558D7EC5C90AAA8DC2AC1FACC43E244	F79C70A9F66FF5C28663A76A6791CD255D623F6EC5C71D031862140EE2132BE5
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\newfile.et	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Name of Creating Application: WPS Of	AB9BDB03793D0365C85FFCD56D7F0BAF	22937C264F3D4B3A3B91B95AF3769EB8ED5761A4	3E52A2F00734EA7A69CE123255ED86AC000C4ACE4948F022DC978CC2932D88E2
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\newfile.wps	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Offi, Security: 0	72B38DBB6EF21D647A19EEDB546F3416	BA80081F34938463E081AC05C5772AB789BF798B	9D4F9F7992D8B2B8421F771DE685CF9DE6BAE806C39F78C069B11F597676219E
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\art_blue chair.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Fri Jan 19 12:28:52 2007, Last Saved Time/Date: Wed Jan 13 01:39:54 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	13B17EFA85B16C9A34A8031B86018A8C	298EA9B4814DC6E00D57259FE6B60CA73D91BFCB	3392BF0E742F724C2C2CC8D75944EC27AF4966202838A621C83DEBD53C885405
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\art_cup.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Wed Jan 17 11:34:57 2007, Last Saved Time/Date: Wed Jan 13 01:41:03 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	25428D6F8904ECA1C4937EB6A0D92F10	72B62F0BB21D0752784FA656094BB0B232893F55	43F0C0AB67603C27B83C9CFE207A75BE581F32F58D7115FDADFA5D1159C12907
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\art_gear.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Mon Dec 14 11:31:22 2015, Last Saved Time/Date: Wed Jan 13 01:41:29 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	D731E1EDEDF3C2D23803D02E5C9F7A9E	9B793CCE37540242DA6E592D939E5BDE4E7BF53A	34B69FC085DBCD0C372937D930F786E7B239D40735DD692DE39617E660287FA7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\art_maple leaf.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Fri Jan 19 12:28:52 2007, Last Saved Time/Date: Wed Jan 13 01:46:53 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	256C818F031E02A11B6A5C8AAC6C7D72	F6CC9D45D8C48FCC511040AC21632E5575766050	7BBC14B46D4D75ED97E27C3C0D81A131E1F95C61C0AEEAECC8624CC9E5A3B502
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\art_mountaineering.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 3, Create Time/Date: Mon Dec 14 11:31:55 2015, Last Saved Time/Date: Wed Jan 13 01:47:14 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	0456411DA067DE0FB9EEACDAE54BBFAF	B0201201894852D43BCB17FF099CF46A828B45BB	7A64ED746DA83EC126A6E0961BE7FF64632E0549B3BB7F4195FE58EED199C658
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\art_scarlet.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Wed Jan 17 10:14:35 2007, Last Saved Time/Date: Wed Jan 13 01:47:52 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	0F8005FE48FD5476330CAFF8E5A08C20	AA3735C71625AAF45CCFCF41BB13C174FB756EDA	E0A3CA0834AD897BF3935297D22E6B55CCD917C5F15AF58886A74C99DBC91C4A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\art_tree.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Wed Jan 17 11:34:57 2007, Last Saved Time/Date: Wed Jan 13 01:48:14 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of	DAE14BA9A23D59A049723D711C64407A	2E66C6CA80BF54887BAB9834E4BE1485FDE69E4E	F83BFAC82FDC3845B0A883E8F4CDE78D36531E8E7CE06E966D12A6DE06167C5F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\business_seminar.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Fri Jan 19 12:28:52 2007, Last Saved Time/Date: Wed Jan 13 01:49:11 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	A3C5B3E4B7AA7E0E61FF8EC99626F9F9	6A2440CCFCA53DE248DF68A804F2120E113DB1E2	1D0FD64E22B8609066B46D9CB8DA93580B013BA6D03EE30EE54F367C724EA441
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\classical_teaching.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Wed Jan 17 11:34:57 2007, Last Saved Time/Date: Wed Jan 13 01:49:32 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	B276D01798E157DA34F0A3B283E1A0CA	D13F38DE99C2930DF3F82CBE129BC5B7E13B6B4F	F5B016A1CD3D48F238F133B8C71571F2C258C170A77034DAE9832EA32277C96A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\classical_water lily.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 3, Create Time/Date: Mon Dec 14 11:35:12 2015, Last Saved Time/Date: Wed Jan 13 01:50:05 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	F5443A0DB021B6F8D0D8479707D802C4	9B0121852B42AEE93D2CAFBCB83B0FC1A588C52C	84685F13D04FC8095D3748B3B60673B726ADAD771CA767ECEF6F1E2CF11E75E6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\envelop.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Jul 10 14:57:36 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	FED3E967C3CC30B6C2E66C75CB4C3C56	AE55354C6603BA82AEAAF5E38C2D81796BC526F1	73EFB239FC1FF9C4025C3E8F1273C08454127E715B6DCCF0F44A4F943DD3733B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\fastener.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Jul 10 15:07:15 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	437E7F07F7B6EA818C5E110C8176371F	504DB3B7DBB5B708BFD6007ECB166C039D88A5F9	0F112ACCD8CCD0CB3BD34268EC8057F84B139731146EECBD740D21F6E70B4C8C
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\general_geometric figure.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 19 12:28:52 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	18F9F7EDEAE3DA19FBF783E506F976C0	46119EF8C60A77A7CE2137183595E256A8923A08	5C90259D98625F55551B9A43CEF09EC004DEE058015CAAB91CFA42C1CB157C14
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\general_red.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Fri Jan 19 12:28:52 2007, Last Saved Time/Date: Wed Jan 13 01:56:30 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	A36F124909B45F97A8CE962F4051D1C1	2A03FBE4596A19A28511B0524FCB54E411234764	16EC6A7E1089DA7C150D107D35FD746621E2AD9413A226B237DC15ADE36D79C7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\general_report.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Fri Jan 19 12:28:52 2007, Last Saved Time/Date: Wed Jan 13 01:50:31 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	8C172075F1A8A430B85FF212866D857D	6B162A93954A130E115B874F5194447FEBFC8A7B	F00C93E29822B8DF3BDD8A0A24471D7C403A24901714689C1B22076B7A7CDB41
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\general_streamline.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 1041, Author: Kings, Last Saved By: suyin, Revision Number: 2, Create Time/Date: Fri Jan 19 12:28:52 2007, Last Saved Time/Date: Wed Jan 13 01:58:55 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	3E68DE88D3301579CEBAC22182429547	746C543A5FD3D0EB532016BF675D1E1B9313A8E4	38DC46E20B670DBF759BEEE745EF54AF68FB611553BA40AAAB9687970C4E7CF3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\grassland_view.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Jul 10 15:01:17 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	9198EB46BD83670913E0321599B14350	455B38C981DF2450494D5A284387D0979724ED2B	F082990469CD1C12376D347B574BE09082D16A574CDBA3998EC10C76E7E8AA12
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\player.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Jul 10 15:03:12 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	3B02DFC978A33D4A291040691BA4BFBD	B1D614FF5036E3368A9A11242113B916EAB22806	8225A331C460028A91D1B38FCF3BE85FACF054C44028EF4DBF3F91821576CB5D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\presentationdesigns\water.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Tue Jul 10 15:08:51 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	3732D1DE527553C8C78145748DFA549E	465F6BE56F787B3C8A519DA50C9F1163F76D2A23	0A59F51DF1D833BD7EEF1E0BF4E3C0A680CB4C4C6664F980DEAE5C7C67DA9B85
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\business\Business Plan.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Jan 11 15:59:42 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	F7640A73BCA5A672CEB3755124404CCE	E388BB674A03A71837C4EC8F0D6EC06ED217AF0D	FACF8F0EC3BE741207FE924D9A5B144A0B7A129BE018372F4C77A79D77294DE9
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\business\Employee_Training.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, Code page: 1200, Locale ID: 2052, Author: Kings, Create Time/Date: Fri Jan 12 12:38:12 2007, Last Saved Time/Date: Mon Dec 14 11:38:49 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	BF60DC8C09FB4A64FAF2E8F21DF0E8C5	3CE2A3E579F7BC0D01A460BAC167378D9B2D27CF	6383123B7CAE20B86741A0F64EE59FDBA9F0AD06D106C4F9002027380995B41D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\business\Financial_Report.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, Code page: 1200, Locale ID: 2052, Author: Kings, Last Saved By: wangga, Revision Number: 1, Create Time/Date: Fri Jan 12 15:21:44 2007, Last Saved Time/Date: Mon Dec 14 11:39:06 2015, Number of Pages: 0, Number of Words: 192, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	485CC9EC83B1F03E1E291E685C9F19A2	CE779A514597314FDB87EEA0606B5AA43FAA0044	1630F5129D862FB6D36FD602E2A59E89E3A5BE28F683442DC9EFDCD936E4A16D
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\business\Introduce Company.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Wed Jan 10 11:08:16 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft Offic, Security: 0	53D304578B0B92A6704F1DB92BC76347	049D206958D3B85A0F27DD785AD3307B7E5814D4	295C503FE6C64B35D73CF7B7D68C0E12972D2060FB15C4AF5DEBEA46513A0CE3
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\business\Modal_Report.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 12 14:59:19 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	7B225B3EA9F92269C4CA8DB17737153A	3BB529348E37287B2B86B2513527EF046464ED72	ABE050544C08752C344642686C65501DFD38923A2FB12C9AF41F7A164EA8D95F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\business\Product Introduce.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Last Saved By: wangga, Revision Number: 1, Total Editing Time: Sat Dec 30 00:00:35 1899, Create Time/Date: Thu Jan 11 10:16:12 2007, Last Saved Time/Date: Thu Apr 26 07:33:37 2007, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 549, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	C4468D311AA911011845D10438D17B97	55042CCD6E66E1E72E3FB69B1B8359D3B74EDC99	59745A572CC05A1A385DE86AD84BD488365842ED2C60BA2494D20FA912D223C8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\business\Scheme_Suggestion.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, Code page: 1200, Locale ID: 2052, Author: Kings, Create Time/Date: Fri Jan 12 14:35:40 2007, Last Saved Time/Date: Mon Dec 14 11:39:49 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	A2B4DD6248CE6A0BE1E88A08D0708EE6	DBE021BC9FF3D27E185DD40DC5E7EEEBEC3619F8	20BEC64127F936732FB108207CA30B721C43A142C5322E00A8D057D7D722CEC7
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\education\Back_to_School.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, Code page: 1200, Locale ID: 2052, Title: SnB, Author: Kings, Last Saved By: wangga, Revision Number: 1, Create Time/Date: Fri Jan 12 10:47:02 2007, Last Saved Time/Date: Mon Dec 14 11:40:10 2015, Number of Pages: 0, Number of Words: 437, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	E3F36E5B1C8DC27C77D293FE4A7AB0BB	512114C44BDC15ED9DE9EA46B88694C694E2920A	28092522CE7B79BD4BE47A89037F50650B1D340281F49780AE8D4DC467669107
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\general\General.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, Code page: 1200, Locale ID: 2052, Author: Kings, Create Time/Date: Fri Jan 12 14:12:27 2007, Last Saved Time/Date: Mon Dec 14 11:40:29 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	A03462D7712C81575B99ADB6B22EEB5C	4521A98BD444CA59399B9B22D027DFEE66166484	B98F27BF9AF6E4A7E56FCB2214A59B442DAED8A45BFA60D6C7FE87B1326433A4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wpp\other\Project_Summary.dpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, Code page: 1200, Locale ID: 2052, Author: Kings, Create Time/Date: Fri Jan 12 13:36:16 2007, Last Saved Time/Date: Mon Dec 14 11:40:46 2015, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	9C07BAC0F4042E831E17C2D307F77BB1	4352BED10FD493038E1CA13AACB2ECA599947ACB	267CFC729FB136369CC4754A30791D5184EDF0CB5A55B60A5EFB522B94ACF631
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\business\business fax.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Jan 11 14:06:35 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	B77851B2B99DABE32258E393B0850E0F	16490C04A00C0FDB39BA0CA37D588BED4091FE76	5EF4F5301BBC653E0800A4DBD7C767F0EC5BAA3D89722B44350D723434898A79
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\business\document between company.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: zha, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 12 15:25:17 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	57D3836753DA87FDDE8B3CE11BA8B6A6	FA16A16986B5834E845351B89C98A7B5AEE6AA04	64AA2025D451DF9A7DC52ED26735ED49E2309B85CA11174CE88E5DBF1255CE22
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\business\meeting record.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Jan 11 16:01:47 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	35FE705EA3BDB4CFD8125260CB59EDBE	9F782A59F4E8192789C28BC9AC1F07C27F014780	8F272AEE94A793CADA4B35A5A437177B95798BB27C5706451600DEFFB30F6DDA
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\business\memo.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 12 14:49:36 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	9F3353A463B225EC5D68F3D63C782ED9	CFCEAC44D635CB29BC39A20CE6EA56C0481D2DC6	35B724FE0871445026A0A7176EF310B40F4E438AF428DBDBC4B3027573034DF8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\card\new year card.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: zha, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 12 17:16:14 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	0CE7B829F93C52824FE38584A18D0583	5F46228067A3EA1E93FE039349A9806A034FFBC3	84238E23D90398050A79C6EFF83D8E695459658450C497D1617E9516439B53DE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\card\summer card.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Mon Jan 15 09:16:19 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	12ADC609FF0403A4BE23A39489BA21D1	BB0ACEA34E18E952E43C0FBDBF85F98C7422DDDB	240735E41BD07D3B35E79124C5BD60927B9D2C886857B01B80710C286404A07F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\personal\job resume.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 12 09:30:41 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	4C5BE9BF2822D1B66089DEDA1B733422	C17178D74BAC8351ACCA2D921A39A43B04BB081E	505EFECE5F72342FA16641D856E42397EA4B14469EA7414DCADEEB43CBFA9C88
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\personal\message.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 12 14:09:16 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	F6C629CD8B72402839C24A54F95B44F4	090B6548091D8E37575BF407BEFBE918EDEA8844	F2F7F57E37EF3BCEE2E836DA37C9181C4A7CB65B7CBBA9060791539383ED2245
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\personal\personal fax.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Thu Jan 11 09:21:10 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	5059E4EBBC33260DBECF1BDBBACF79A0	ECF53C0BF06295BCB376587C5293FD4CCCC5C205	BD116DAB285C184B582C04CEE7DFCEBE0D661750C41C93C10BAB8C7DD3CABB82
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\ja_JP\templates\wps\personal\resume.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Author: Kings, Template: Normal, Total Editing Time: Sat Dec 30 00:00:00 1899, Create Time/Date: Fri Jan 12 10:28:04 2007, Last Saved Time/Date: Sat Dec 30 00:00:00 1899, Last Printed: Sat Dec 30 00:00:00 1899, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Kingsoft, Security: 0	4D24FB57D8F647A8E98A8F20C836E5D9	7FB2B8F38F656852E6CF04AB32315AEB46271454	5CABD2F08AA8C3B0A751D43B5656C43F5A8B4FC45AD7E9816D05D02AFD54F903
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\config\datetimeformat.cfg	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	930AB28D9A9D2B64E886102D20A9AF5D	1108698726B6945F07CF8F2AFF19E3A03108455A	220470BBAF0AE2EDA824FB8DEE041664A2E2F69ED0486828E8C0809B940D94ED
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\config\numberformat.cfg	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	B5CFEBC0910D78EC078E5A242FF22206	7C63243B21B8FE8CCB2700BE6CC5950BD61798F5	5F298A55C7E10055AA6BCDF5660449D684F00935B76E3B29AE038D2034C7170F
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\config\replace_as_you_type.cfg	ASCII text, with CRLF line terminators	57B391028A64C5DFB0AD1F8A9227B254	4C2F5D89C2CCA85442903F31C687ECB205735FAC	00451A986862F4ED76C5D835AB7DA3BFB6A1468AB49E95AFE6B2D33C5B345EB4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\config\wpplist.cfg	Unicode text, UTF-8 text	55E49B4927C46ADF0085ACFC8D396227	090CBE97F3A86C2B1F83D0200A5C585C64BEA559	C4A4ED48AAAAF68F5F5EBA2AD4BFC68245EA1ECD975DC98307BAAEC309D4D6C6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\config\wpsfieldnumber.cfg	JSON data	7215CAD7132F83B0584F68F23C8EF9FC	85FCF2DF2A80C0A5F620AC613BD08109CCCFAF11	6AA058014FA3DCAECF193C53D1A862BB7FFE15C7818EE21749D392D8748ED6B4
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\config\wpslist.cfg	Generic INItialization configuration [NumberListGallery]	F1740ABF26CD7B5E45EE974AF13D543F	8940F58643766FAF6CBC8FB8D74F91443E470779	A1CE5D665728CCD721915EB96C1ABD30BD7880B0D013FF7442D02BBC11A11F54
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\lang.conf	Unicode text, UTF-8 text	0CA4B16A726C10218BA62E725648FFE4	7B576FEC15AEA6F8401E25410B0C6262C8C362DE	C2CDDCEA2AAC8DBA975BBD1615A5D643BE542E74B202A78B742D5CDD327011BB
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\resource\splitword\splitword.dic	CSV text	AC212552D86A6057628B08B6DEC9BA1A	A1196AF0A4C0692D954EC47640FD063BE3C4EB5D	37D65871FFF5D92B75B4EE8D590B31AFA1FFC23B8F449ADBA70B5F09D9976AFE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\resource\watermark\images\user_defined\addwatermark_buildin_wps.png	PNG image data, 102 x 134, 8-bit/color RGBA, non-interlaced	9E9D6B621512D433A3E0BA6EE753B757	648B20E755400AD019A48DBE6543F0EFAE20DBF2	82AFD4510E088447A241B79CEA3F1CD1E4F647BE489A795C75FCD6245D2E2940
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\resource\watermark\information\preinstall\ORIGINAL.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1200, Locale ID: 2052, Author: yubi, Last Saved By: 80, Revision Number: 1, Create Time/Date: Thu Feb 16 07:42:19 2017, Last Saved Time/Date: Wed Jun 16 09:50:30 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Office_0.0.0.0_F1E327BC-, Security: 0	49B54D2723A19038C8D21C889AACF4C8	4DF894BABF74A164FF897948ED33629DE57A5549	DB27B8BC9BCAE690372313E6613F7F1BD143919E05A140A6D676F6CDDB228F59
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\resource\watermark\information\preinstall\SAMPLE.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1200, Locale ID: 2052, Author: yubi, Last Saved By: 80, Revision Number: 1, Create Time/Date: Thu Feb 16 07:41:24 2017, Last Saved Time/Date: Wed Jun 16 09:47:13 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Office_0.0.0.0_F1E327BC-, Security: 0	D66ABB079E13B79C253D9DCA5A57B2AD	388941AB29E80B0F2AFE0F8B06ED70C8E5275446	4BC683C4182496426633B7C6F1BE1689C0849A5C73541E68456054FC3F6AD58A
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\resource\watermark\information\preinstall\TOP SECRET.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1200, Locale ID: 2052, Author: yubi, Last Saved By: 80, Revision Number: 1, Create Time/Date: Thu Feb 16 07:39:53 2017, Last Saved Time/Date: Wed Jun 16 09:40:10 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Office_0.0.0.0_F1E327BC-, Security: 0	240B3A886FE534AA4FCB589AF24931A0	A1631DBE2D54B40DAE07B034D9B2A9ECB35DB1BD	1BF5CFEF281A4F4FEF6299DB012A507EE8D0ECF6BB913F4AE8FC77C10D649360
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\resource\watermark\information\preinstall\URGENT.doc	Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1200, Locale ID: 2052, Author: yubi, Last Saved By: 80, Revision Number: 1, Create Time/Date: Thu Feb 16 07:38:29 2017, Last Saved Time/Date: Wed Jun 16 09:31:06 2021, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Office_0.0.0.0_F1E327BC-, Security: 0	CE7B80AADB1F24DBB343DF9E182C40B5	7E3AC4D40FAF404821271F6C56A3AE39E1F49322	65DC59DEAEA2260583CD8C96E38161CEFED7E1E8EB3BAB757FE230F7A783E47B
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\templates\Normal.dotm	Microsoft OOXML	7CD1C12DB942D9DE98F3B2EFEBD0524B	9B7AF776E5C7F1C7977A50BFA7FA4E512C2EF3EF	3119C644552D1EDBB26A9C74E707802B1008698E80EA2755B7C21496032D48A1
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\templates\builtin.wpt	Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1200, Locale ID: 2052, Total Editing Time: 02:00, Create Time/Date: Thu Nov 3 08:14:00 2005, Last Saved Time/Date: Fri Jul 7 04:44:00 2006, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: WPS Of, Security: 0	D81212AAADC9E0520BB0133045C6ECB5	5637F7A27E042F14F3E8E9C7985E8F1E08F70618	3F3F2F5D93AFAAD6F335B020E88D4381AAA132A8751BCCE2E0663097D01EE8AE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\mui\th_TH\templates\newfile.dps	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1200, Locale ID: 2052, Last Saved By: daa, Revision Number: 3, Create Time/Date: Fri Feb 24 05:00:51 2017, Last Saved Time/Date: Fri Feb 24 05:01:00 2017, Number of Pages: 0, Number of Words: 0, Number of Characters: 0, Name of Creating Application: Microsoft Offi, Security: 0	8135884D0798170240F252B87D737224	8A76F6C445E24057D1D6674AA193C24EE21BAF9F	8CEB6AC2FF8EC1C83DEB96A75259B79290C263108C2BB2B7A33E7F5906CACD12
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\qt.conf	MS-DOS MSDOS.SYS	351FDC16F8E5EC3105AEB289397A06BC	115BCF3E66703597EF4FB42ACBDF3BE37FFF221B	B54BCF83FA006BF38DC845507E31DD5AE559ED68D45ACC12AE1561142661A7D8
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\thirdpartylegalnoticesforpdf.rtf	Rich Text Format data, version 1, ANSI, code page 936, default middle east language ID 1025	BAF21DC0DD61098E7A45F5431D502C51	E65AE6C06A4E3B2BC9C8936A875C19A2C8F7655E	6B40B43BCFE17069434CA81CEC9CDECB72921E7EC76704B0E569E96CDFE7FA34
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\tmp\PDF\Security\Trustworthy\watl.bin	data	CB2015E5B6842C9964DDC58ED9219BF1	54E5C22E7CC4EEA4EBF44FACEC06E1115FB6F378	20D0C227AB4615B602E76CD0502FFFCEED5E12B89D42CBAA8AC524E80F223170
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d1.xml	XML 1.0 document, ASCII text, with very long lines (24524), with CRLF line terminators	67ABE4221B2004E937EF41094D50BA33	2EDF6C3B3641AFCFBBB13869E11D9A3323ECDA58	30CC7B9F7203BFE03E782A98612FCCEA1738037A28B18B44D2A3D730ECF646F0
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d2.xml	XML 1.0 document, ASCII text, with very long lines (28166), with CRLF line terminators	0708423770D7B7ABEE0C2683477AFF0F	7970DE619B3C57EA0D47FF4CD958521E4873D6CE	CA59A42E6842FE7D4D3F73BCAFE7CC131160A557A21DAF418F44863FD7262A07
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d3.xml	XML 1.0 document, ASCII text, with very long lines (29794), with CRLF line terminators	FE21FD2C25025A6411DB3EC3A486E042	7C780925BE44FE4AFCDC70B6C6A23D49E933DA6D	0B7F05D17F487BC96DA737EF4EBD0B3CB0EE61352AEE6521639C3A77C73C6351
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d4.xml	XML 1.0 document, ASCII text, with very long lines (25332), with CRLF line terminators	3421DE9F46CA8B854AEA977B482BFC4F	534DA2190F462AA0F73A0DCF02961B42D00372CA	986643D5F3EDAA537BB1DCA3499CCD91FBBE19BC490691F7FAE0B44511A12AA6
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d5.xml	XML 1.0 document, ASCII text, with very long lines (24852), with CRLF line terminators	1EC0C6551CFE1015EB937CE7D2EA978C	A7CE15053943104FD9014AF37584AAFF4A1838E7	639F254F3455E2D309FE8BDBD75B1B03BDDDF332C688CC86F8A0B4CC3FA8C626
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d6.xml	XML 1.0 document, ASCII text, with very long lines (24764), with CRLF line terminators	D3B84A0C0795508D5E9FFD831F74B9D4	26F9074670FE083BFFDC90046C39F38FEB4DE28A	93EFB710D6A36C562B9C8A61955B0EB1F71C1BC8BC43CDF05E3D27119B6E24AE
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d7.xml	XML 1.0 document, ASCII text, with very long lines (26103), with CRLF line terminators	0D999F578DC279BFA90527DF5CA1C399	007944961F80320DB7C9E4EEDD7E4E850A773B01	28A84B59906A4026D9FEB66025B282A2785019E32A3341DAE5AD88E3EAA88B43
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\office6\wpsart\quickstyle\3d8.xml	XML 1.0 document, ASCII text, with very long lines (27839), with CRLF line terminators	BC875FE54AFF3D414B194A17C7781ED4	037A23F45DC74C1ABC3161E34FA042A5F80C44EA	300233864103C38C596F2CD2470843DE40F62F36EE1191BB8A719AA620F2E588
C:\Users\user\AppData\Local\Kingsoft\WPS Office\12.2.0.18607\utility\diffbase\office6\mui\default\templates\printTemplate.pdf_bk (copy)	PE32 executable (DLL) (console) Intel 80386, for MS Windows	B951011BA021C374455E8D1E18AF84D2	2D2E5E097BA5D92E6977CBB23AFCC60B2E1D1C8C	1C057286BDF0CB90F7DD1FECF5E8AFBCFF1E27F2A94612967C0634AE639CA43D
C:\Users\user\AppData\Local\Temp\konlinesetup\recommand.png	PNG image data, 1308 x 696, 8-bit colormap, non-interlaced	1BC2F7678AE9D9AE6461DD7C4BC8B142	571B62251DB6B4EB440C35A05C09959A86A910FE	EEE45D0D93A0A1D56E32F7C9C2B22EE78C187B6692A4F7F4F1624DA144FA9487
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\de_DE\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (328), with CRLF line terminators	ABCA83CD63A68C090B62F216C3ACAA80	9E7B74286DA6009047A9CEF0200D97EBF7B4A2C3	18027A5D71FE31D2DE47F6919820C71CFD3B389EE63F3D8681786AEFEE74733D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\de_DE\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\106.png	PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced	83F3FA276CD75A78053372E32D83DB86	3690C57C62374B47C76007AC231E45316CFE44FB	F183BCB33059BDAC07040F210AF6ABEB94D2E42DBD3703815893D7AF2D6E49A2
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\Triangle.png	PNG image data, 9 x 5, 8-bit/color RGBA, non-interlaced	5ADB7B2A488CF2D9B1700A5BE293C312	57491297EF84F2CC2AB8AAD3EC4D1FE03A0D73B1	FB33597F6DDDD7F8B93E1C279383481E0BBDFC74249242ACC27775B904A40B1D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\background.png	PNG image data, 600 x 640, 8-bit/color RGBA, non-interlaced	27B9C403FA884EBF4EA0CC23D69A42D7	DF29E5CEA6A07E6A42675C6EC8A3801C9D2189C3	5479C612C47D5CD3EBDAA11EBF897B6E84D95C364587133E03F778450A51412D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\background_choose_mode.png	PNG image data, 600 x 627, 8-bit/color RGBA, non-interlaced	DFCD86EE5D01A98036E7FAB9634513B7	6B26F079C9A56E6F092965C4E8B69373267B697F	4E595667FFBC31321ED210169F37374123291623ADD8575D6BDD78A4026DA9C2
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\background_msgbox.png	PNG image data, 456 x 210, 1-bit colormap, non-interlaced	5E288BF431CFBE4205505D24D2DC295D	340895489EFE0A8C0C601CFE27CDA6B1C2033AFE	59AC8A457DD919C62821CCC395CBAADEB55A00BA4A7A7846F966083667476908
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\background_msgbox_xa.png	PNG image data, 620 x 210, 8-bit/color RGB, non-interlaced	B43A492B0223096B73DE9A2B29D631B5	9F89C701A265BF73D332A3ABEABC77B7EB17C259	AAFA36EF3DD914A1F00E0A4C9E7683E1AB2F160F0D5A88C8206C78EBA61DDF6F
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\background_oem.png	PNG image data, 600 x 496, 8-bit colormap, non-interlaced	481E9EC6D63B0D8979A5D5B4595134A5	41F5161879BF5C431CC68CE14E5BC667AAD57323	AF82FD27077BD7FF4892881A75E7A41780C7FDB9C274615C7AF96AC3A3CA38E1
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\background_without_version.PNG	PNG image data, 600 x 632, 8-bit colormap, non-interlaced	3205727D046D39384D2987D152D47775	5F33AF796C2067EB88F944C8CE01432B5A0441F9	2B0893B707B706E3B9BE9ABC43D0F961C37F24E2086E3B42979C420D35BB3913
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\background_xa.png	PNG image data, 600 x 610, 8-bit/color RGBA, interlaced	367C2059F78AB2055CF62C373A94876D	48F5D51A1EE622C5AE2EB9EE2CA798B67823EC32	89B8259727FA09E45DF119A1B812A3343EB0B7A5F86EB58D952934472E8F02B0
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\icon_international.png	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	52E983B4F384A4D3946459B9B2568DAB	2CDB84E49AF544A9BBA362977203B56A72C7BB7B	7334F889E680DA6AE42AD62F7C45A23969CF78F38B1B0CC9CE69D39221E74DC7
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\icon_warn.png	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	8EE43FAB58F0C2E66305B769ADA3329B	38A222B93E319A7961249CBA6E76933220A28AC4	E3ABE5CC91D21F9F229E4443EC1C0BB901C016D14431A57C90DD8063647C7D6A
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\img_msgbox_shadow.png	PNG image data, 510 x 264, 8-bit colormap, non-interlaced	E3C14BC4E01CD00D271A1A0DA2970F65	05AEB506170D821EE246D8F1572A1D770FB4F08C	2A2201C32E06B7589D8D9E3E71F25AF501CC10C6D7DCD4A2EA59A0169D0E86A9
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\img_msgbox_shadow_xa.png	PNG image data, 674 x 264, 8-bit/color RGBA, non-interlaced	54010A9DA0A97F8638B4046CA71B453E	80E24B6A7DA35A3A9F4EAA9EE47CAAA16E23E5B9	6327BAE99366F6D86C29C74B78CCDE4AA303628656C7D59F3139417A984D5B50
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\img_shadow.png	PNG image data, 708 x 577, 8-bit/color RGBA, non-interlaced	43C017A76C2D85A0F7D360CD33439C45	62BDEA0C6806BC8C3E150DF65C12A7A3D4A25B87	10F377BDA61CF96173E64BEF2DB11505F636A4548CA5279D971EBDA98B7A0D6C
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\img_shadow_big.png	PNG image data, 708 x 720, 8-bit colormap, non-interlaced	F777C896E2C814D17728290B5F350C30	2834D7C27AFA7B22AB078E553C593522EBE1261E	73CE94025186B1E26D43B39DF4EDAB6255A8968EA8A589A5885CDC20F95EBD3B
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\img_shadow_choose_mode.png	PNG image data, 708 x 735, 8-bit/color RGBA, non-interlaced	599435F8EF815648CB93DD301B0E290F	A39A24D20A6E86FB479422BC7E404185FDE99C21	A0B4B8C2901BA79581C22BB6BCF411B1DD08539FB400FF04D8144548CA85A148
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\img_shadow_small_xa.png	PNG image data, 708 x 604, 8-bit/color RGBA, non-interlaced	D4F6C031BA45FC2020116107B228F05B	C6911C5445AD858315726A1DA803C136ED67EDAF	A6787B914FD81228B1850A285650E561570EBF4651107C24529F05CDB6F52110
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\img_shadow_xa.png	PNG image data, 708 x 718, 8-bit colormap, non-interlaced	B50AB57088A627E88DBF71E8009EEB74	D9B45CD8B709CDC388B9EEABC1E3BE95648679AE	30FE3FD6922680A148A0C1B5C17DB31665C86BF839B54E16BCFE3A24E644F902
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_browse.png	PNG image data, 224 x 32, 8-bit/color RGBA, non-interlaced	4B114CCA5A64496FCB587807DFE90C0D	EAD998337F01BA38C91EF2F07F5BF91AD3483B0E	FC0556CC810377D475BBFED61D16567A9CCD6ECFF0C44DF12825009CF1AD9412
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_check.png	PNG image data, 192 x 16, 8-bit/color RGBA, non-interlaced	1CBCBE2FB6BD1F707C3C714FF86C5C5B	5BCB398DC27539F2F40B65FD75DFC98481A0B1F1	9695BD59548A46DDE0C66F2E32B0222527FD8C51252DD8E2CB8B6B21199816DB
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_check_license.png	PNG image data, 128 x 16, 8-bit/color RGBA, non-interlaced	9D8ECD33DC6BADD55C9F21D31072D8B4	626168CA8020EDFD3D0DDC88E82C6A909FE821CC	506B622DCD214CBA083ACF874CE415536DD99C3CCCBF02BDA1C0111C1C5A1A47
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_close.png	PNG image data, 64 x 16, 8-bit colormap, non-interlaced	2818D3996780473EAF36C4B9A436795B	D16DF5303EA414B5FD9B7E150A9D27F1E832A8F4	0742D1B03B0BC28B133FDCA5C3E895FF5C9F715D0D890947DB7D9A71FE847C18
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_combobox.png	PNG image data, 1728 x 48, 8-bit colormap, non-interlaced	FA095A100A55F53AFCDAA42A2A2E7873	FEC0FEACB2EB99C3409528114D92927051081565	9CF20E6690B03F7A8BD63A5069295F584B2B7B0340148896B4B255214A57B0B0
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_install.png	PNG image data, 1200 x 94, 8-bit/color RGBA, non-interlaced	504C3443D90E8696F01B4364A919BA04	819C92A83C9E7362A6F716241DDB5B5878B6824C	89F3CFB9DA99D1D2E206DD600C7A7B8844F4C42379DC570827EF3740227DA6C0
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_install_xa.png	PNG image data, 1200 x 84, 8-bit/color RGBA, non-interlaced	EE9F573B1023041AE470AA2C0B726514	AED4631475FD9DD88620C3D91CCC7E24AB53F72E	A85BD974EA6E6A0C88132BBB29C1EFD4DE31A9088CB1F61B6E4B68825F444FEE
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_installpath.png	PNG image data, 1832 x 28, 8-bit/color RGBA, non-interlaced	9392E3D68AB4777B05B2E71613448864	A2D6A6003C59BC101D770F80682D6B5C5C28F0FE	298BCCB9C8723FB987A2DDBB48A5C26F93CE949C627C9D167441B6200CADAC0B
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_installpath_xa.png	PNG image data, 1884 x 28, 8-bit colormap, non-interlaced	51B3DEE7FF3C496E7794DCC045FC7425	4D0E63ABEA2BA4C1C6D59ED8AB1F23B35BF77D15	C66593D590B95C031E726790DEEDBB2112EC463C02507AD072C593B52ACB5B4C
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_moresettings.png	PNG image data, 192 x 24, 8-bit/color RGBA, non-interlaced	C7E1506EBF1A0D59C3340A37403871F8	8AAD7E259E541EC63D1A070A299FFB03C7E2B84D	E79C013C354EF6D2B317C4B25C2F577ADE629ABCB1997C82A1D59C3C0AB7DB70
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_msgbox_btn3.png	PNG image data, 544 x 32, 8-bit colormap, non-interlaced	37626BDB39AD0E684CCD1670DE5FEE10	7B82ED8D6CE68D63DC49F0DD7E5AE9FFE93996D3	BD76BE5193F5993542B787701E6588CD86F0697CC46F6E7A8A50955D5C08CFB5
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_msgbox_cancel.png	PNG image data, 384 x 32, 8-bit colormap, non-interlaced	AC5368878CD9425D0BCA4D7FDF617FE7	C5B6A5A91A77BD5E8B4E7FFDF273F65017F8EB68	8BE2E5A8279AC66C6ABBFF1E225C84FBC4FA98216AD674D2F09D0FAC6E8E7EA3
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\imglst_msgbox_ok.png	PNG image data, 384 x 32, 8-bit colormap, non-interlaced	F24A0B8BE194EBECBE9DF29133919A52	C1CC5D5E4A21A785EAD2D2AD9453ACCAC2778DCA	152A511F1E510D41E2450C70B334C8DDCF8BF945E69F437B6A7611C5A6D378D2
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\progressbar_bg.png	PNG image data, 23 x 10, 4-bit colormap, non-interlaced	9FF26774B8CCF283BA47E745EEAE4426	FAD595FE4F7EBEFF7F59AB9D66820B75A2242E5B	43F0BEA742604FE700A870D2A8B1ABC463BCECD4119BA0C5FFB8051E01A49C9A
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\progressbar_fg.png	PNG image data, 23 x 10, 4-bit colormap, non-interlaced	ED492CA46F3A689F70BEB2E3EFC0F440	5F6F5180790EF5F9ED1EE42F427901684904ADD7	900633BA5C80587F29447D4EB0F78FA16480BE3B1D8B246EE25C03B93B0811C8
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\default\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	CCF1058CBB3B0DD716952B409562AD03	183911BB319C44D902967A55BE833EC0C0927497	A9C100CE0A2D5014E976B42FF2E1DB24FE8BE1E950760C04E0939E2B4036A889
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\en_GB\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	AF8782FE698AE3A95B57FCE9EEE672E6	EDC53AB39CD3413D3B2D10E66BC1D4671493DB06	957AE3AD021DDE5E82D8703DBDFBB8C73FD433A98F25FB4031705BDF527017F2
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\en_US\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (305), with CRLF line terminators	46042433E9504287B9E4A242124DE755	3FFB9E635D3281EE51CAB8E97343679F6C22FBFB	42F0DE83C60FAAA33F5056C2DBDD5AD7758F4F7C01ED03607744EE59536A149F
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\en_US\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	394488B30107BCEBB84A97ED5D754CEE	69EBE17F7D577E9BF69C87CFF45C3251F0BBC86E	0F95B878D7AFB96E1AB1372B61B83B3C51C0AAAD4C2C5AF0FFE894845FE020B6
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\es_ES\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (303), with CRLF line terminators	37DB7D1A4FF86F0F696BC9AF7D92E74E	E670AB3B03AF18DA09B353E193B6AE6F17C129EE	B5F76B2C448E293C7CCE9931AC8E7A4E9C580EFBB97206AC53E11EE7C0959353
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\es_ES\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\es_MX\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	6ED67C5753761F682404704D2BEAB2A7	D9627F73216065C60CD550E5948D97DE03CA6BFA	4A43029AD0121EFC9E30D873684D523ADA50993766BE970FED66AF8183BA12BA
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\fr_CA\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	5EC78D7B405765EF0A8ADBA4AA2803E7	A8652FF748230EF05F36F23FDBF0BFE3E90EE319	BAE38D7B2BD2E9DF1E89A99C50319371B483A46C8BDB7D95D724123EA2A3173A
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\fr_FR\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (352), with CRLF line terminators	FE1FB26F984EDEE16BA660141762D34C	DD8AC2ECCC4BD4C5C89E118257AE30BA94B592BD	5C042334B04DBE8E77487CACC7E9EDF532C46051D7860DA0DBED7B581B381005
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\fr_FR\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\id_ID\langconfig.xml	XML 1.0 document, ASCII text, with very long lines (314), with CRLF line terminators	A58E4032AF6912F6C0F333A28C4EBCDA	D2062AD1868942152362488AD56C78221EA1580A	4B7C22BD16665CA01305A47C81C2D5444C0878B5F9B3CBBF1D8415BD51ADD7DC
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\id_ID\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ja_JP\1001.png	PNG image data, 600 x 278, 8-bit colormap, non-interlaced	5EEEC3F5D97544FCDE962ABF2A0B13B1	3C4FC97676107844353BDDA6A073906B4995894B	0546DA7F432486E30F320D2BE0CBB9BBF9075CF2762D2A384FF5A6EA5B3DFC10
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ja_JP\1002.png	PNG image data, 600 x 278, 8-bit colormap, non-interlaced	16AEFB6C1454D76A589385767C066433	2CFAA2FFADC84E3C00BEF85B598D7C6232BFDA04	E42774D8B3819C19F13294B917A93330104BCF33D269B1B8CB46A2865D97061D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ja_JP\1003.png	PNG image data, 600 x 278, 8-bit colormap, non-interlaced	2D808B698701B15B33BEC04710A4F7EF	33B50FB27AEB47967F6DEE63DE34ECBA6FCAEDB0	3CFD7FA737826AC37D44B79F688B4DD2FE7E61B790A3EB5B90081B7F77446549
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ja_JP\1004.png	PNG image data, 600 x 278, 8-bit colormap, non-interlaced	46B7F99F4DF13B446570B0157A75C5EE	37139FDCBAA03CD482D1405237CAFEC2B617E5C8	CCEDD187E6A9F4A703395A539F0598E44C985F544EABFCDA96909ED66AE6BA0D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ja_JP\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators	5DFFBE123144CADFFEDFA348FC6D3677	C64A748DCA5FEC7C48C7A4D59F37DF762059857C	D7333DB9E7CD2CB66A54A666BB1160CDA87C0294C7DA2C4BBB1123CC5EA4A46D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ja_JP\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	780FBFFC3DF846C33B91884BA0F559D8	E6A03EF5F97EAB22980FC221E1321DDE83557A2F	4385818BE28495AAF230C241E4F888945CD6BDAE86936E1FD891A01BF39AA6C8
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-console-l1-1-0.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	B951011BA021C374455E8D1E18AF84D2	2D2E5E097BA5D92E6977CBB23AFCC60B2E1D1C8C	1C057286BDF0CB90F7DD1FECF5E8AFBCFF1E27F2A94612967C0634AE639CA43D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-console-l1-2-0.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	C26D7D913FD245AFC0F0D658595447DC	B5E00A0516B6C8C6F6A51EA40FAE1BEBA3DD49BA	73E4264DD66696163FBBF868729841F2E9B86F5A59912E64FB9718A8C889A7AA
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\api-ms-win-core-datetime-l1-1-0.dll	PE32 executable (DLL) (console) Intel 80386, for MS Windows	7435C7831C7B3B47E55701E5C6CCA67A	8E0FCC170F5D66BEEA796B38CD544A045375204B	7EA1C2902A47FCD4A30180A4FE5BA5800FCAD76B63DA5CA4494E24954CEA9BD3
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\de_DE\kpacketui.qm	Qt Translation file	1EC38DDEC2F4EE51FFA5FABA3041432A	179E0061F3CDBADFBD368634F0D4E79EAB82509A	64B834698890020D8CDAC099F67798912CDFD686F4FE20691C328541C27C891E
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\en_GB\kpacketui.qm	Qt Translation file	6B797EDCFF7A5DCCD2BBCC43B9F33E98	4F28A78F63EA1EE8E349D10CF760910927DEB46F	3702CD89306C6C3D98D22F56FC41D8566CE5EB1FCF736857F3F5EB57802009FF
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\en_US\kpacketui.qm	Qt Translation file	1A59AA4F478D8725DCF575F481946C69	651AA42B7FBB7BCDA13A903BFAEF7C6B6046A24D	52A390608B1D0DCFB2931D61A334F103AABDF3EA7651B52C96ACA40FD1C1FC0B
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\es_ES\kpacketui.qm	Qt Translation file	8157AE69FF29ABF9E26256D33894C35C	84F4808ECF4613EB25E6EE79DBEEC0E49FA61545	B94E9BAFE9ECAEC55D2DEC8C4F80F6903B96EB7EA3C5359C460A4727DD969DFA
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\es_MX\kpacketui.qm	Qt Translation file	B56B28159CAAEA287A5731F1CF8959DE	701B18C913BDFFA92EFE53C20504B6D0F87DE525	D09F8A4395639868EC5AA0F95023945A8B0D9B82EA2D2A1287D7A3A3613DD038
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\fr_CA\kpacketui.qm	Qt Translation file	B71896D5F5AD849072428F3668BCB8AE	E8B7FF2A12FF14F37095E17C51E67635FF234DD2	996FACD5470733F8FDC51DA897A29E2C8D0D43D52AC8310363614E501EC4ACE1
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\fr_FR\kpacketui.qm	Qt Translation file	03CDD5F1B78873F03CF6874F25365984	B96604CC96F168EBF3A981790382A16AF7AD50BD	6B7ED38E8D894AE3606547F012515C57D62C609C87235C40EBEA8C7A45680487
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\id_ID\kpacketui.qm	Qt Translation file	8255672E941906525943C6AF9AC0B801	062B799B88109FF03C954950C333447C83DA975B	22293DA17D1A158761D9CA8F23261E3285FA8FB200827B4041EE16EB3468F535
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\ja_JP\kpacketui.qm	Qt Translation file	7006E224C0DDDFBCDEF808DD604EF6ED	F57AE9E02543A2F34DA4E297DE1B3CA399AD8DC0	268BB91DC285B049F6A3E90ED0E57EACC5C39E732AA5D419DB0C591FD1BBDFCC
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\pl_PL\kpacketui.qm	Qt Translation file	8EE0582385C3D09BB9ECA2983721DA7A	58D004258341D39F618C006C88F3FC107943766E	B69E387BC4FE76358FEB0DCF932BFEF81E2C2716C26A51FEBD763DD284EF26A5
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\pt_BR\kpacketui.qm	Qt Translation file	D1067A7ECE10022BEE4B26EA30A89950	D8570AE983954516A21E5128082A7EBEA1DAF53E	402B0A9CBA68B0C541AB7A0530AC09429616AAED406856A7FC949101E1116E14
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\pt_PT\kpacketui.qm	Qt Translation file	AB34A66A19FD68D998594CFD5665F4D1	020F132550C5675DD58DBBA980032BC67541DC7B	C06723372DC9F2876B202A18EF1004EB4559E5771731F6CBBD1E288EF103F3AA
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\ru_RU\kpacketui.qm	Qt Translation file	357138AA147B0C4F97980CCB57BE0E80	7E123A58E6BC7E80F76CB70888AC37F3BC7D9E6E	2FF3E2C6DD57A023E782D8085B4018E28695C4D4A8864BE2D2A6FC5FFD8FDBC4
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\kpacketui\mui\th_TH\kpacketui.qm	Qt Translation file	746B7784AE3934AE29612920BA6A7237	144AAADBCFDFA2E51787BD277F953EC260AA95A9	DFDEC9AE6CD28CEE013E93B202A6BDF283FDB037317571DC086FE4397A6067E9
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\office6\qt.conf	MS-DOS MSDOS.SYS	B8C2D236D33227CF9C919BCD9255C502	4259C097E0B1D4DCA72B5AC8646DD32A64853B1D	38FC090C54C0794FAC4F0194639325EB3160D6CEFF6D400F4323140FA5D04B97
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\pl_PL\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (312), with CRLF line terminators	4FB558339AD51C988664C1A6C9007108	B6E649F96037745650FFD0986A077BC08574E18F	08A0DE0D395B87A57DE89B7F0FC89DA4700F5F519BB87743500E8B723D15597F
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\pl_PL\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\prereadimages_et.txt	ASCII text, with very long lines (4326), with no line terminators	67264F36C1B294D160031898FF68AFD2	ED7EA1949C8E4145389CB79460B66AD2B91381DA	9354B62B8E695C41BDA1D6B9B1A6BCBEAA977664E3917F033F80609999B1B9B2
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\prereadimages_pdf.txt	ASCII text, with very long lines (4542), with no line terminators	0BDD42813F01353EB8C4977656C737D4	93183BE8D834BB01978BDB99243140CA3BBEA5BD	6CC999BA84A1D553AEAFF3F070939299215E341748EB74F77773B128E338BC2E
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\prereadimages_prome_init.txt	ASCII text, with very long lines (1166), with no line terminators	7A21A50C1D3B99BE4431CE515FFBADB8	DCBD2445B130614098BF1ED6679A359E40C41A5E	D834D4CF0EC5F22AA95B60C44D182AA87AAE238AB607EBFA4900D189F71A6C22
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\prereadimages_prometheus.txt	ASCII text, with very long lines (5477), with no line terminators	1C84C3107D4B3E93A795106614343170	D3CB15BEBD73AE15B868BB427F138E0947A2C769	F1029C19A95BF64DBFFC62B5FADCF694545AFACF99781008B913D43F551C72F1
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\prereadimages_wpp.txt	ASCII text, with very long lines (3501), with no line terminators	C16CB0A94E9D4007C6B778251E55B5D5	89717821F6192082003F723002262A2355A5E93F	C3DDB255416FD64B30D5707F9E9E706E5E435F5D1B481B6DDBC9DCCCA6E03A9C
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\prereadimages_wps.txt	ASCII text, with very long lines (3797), with no line terminators	0887FE0C43BB219066358B5595514FB2	7B96DE305C4D9EB3AF0599C7723C6435EEAD38C8	D4227B5AEB84D1DC4C9D2120B9608FEA89EDD6B3A9B8A7A43EC4F34C8FF594C8
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\product.dat	ASCII text, with very long lines (633), with CRLF line terminators	2E743F3067FA75FF3BCAD5BAAFAFC8EA	57AB56038CA28FCF2CE3E519A1E8F858C8BCAAFF	3927A21159FCD0049A376D60ED74449F3690D2FF95F432A3BA4B5738A478818F
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\product.xml	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	B96BE50F5DF4E421CEB417FC1D9F7BF0	A2383F521A738D46816F9A623BFC7C49FB07CAA8	D9CB17AF7FBD1C893010A32CC49ECF28B0B2DAB227696F779244A079CC76D95D
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\pt_BR\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (302), with CRLF line terminators	5D4FA4BEE5A71F16C5D8AC39DF28ACA4	87454C9F93729145AB7988C93C8A0884AB27C361	22D208C21B20F3201FE1A23282A2462DBE0AA42F101A7CE886FC43555CBD3B74
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\pt_BR\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\pt_PT\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (302), with CRLF line terminators	D4DB4CCACEF198D98897EE4D86193A07	28C1CD81CE3625E412A126F000121D42F9E53D34	0C17508E7940D49201F4A4BF0182D5ACC600497F496173273DA8F477AA48A771
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\pt_PT\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ru_RU\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 text, with very long lines (313), with CRLF line terminators	D982AD5A6893F4A1E5376A82A76ECDD9	936E82F65391BE8D1BE10C4D83D3E0CF2DEF0575	EFCC904A1FC08D4D6489CC6220560D1504758E845297B8DC1D44BBBDFAED85AC
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\ru_RU\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	034F37E6536C1430D55F64168B7E9F05	DD08C0EF0D086DFBE59797990A74DAB14FC850E2	183A140011774D955E9DE189E7A1D53CB4128D6ABED61C7BFD5994268EE5F384
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\setup.xml	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (319), with CRLF line terminators	18CA13AF26A927E5ED496A17197374FE	391DBF6256EE4EB69B4CBA2CCACAEC3D5A80512D	FBB53C40A97149CBC5A6DE3D1C745A7F50D89578602963B5A1059CBC90EFA4E3
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\th_TH\langconfig.xml	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	8D9A3FA362821D388EF5F293DC942726	C9AE4AD438F21B51A776F16964D06DFAE7B61F5C	209C1712C64AC9277749902027410793290C7DFBA4F6AD84C962BB8A5F7D3D8C
C:\Users\user\AppData\Local\Temp\wps\~4872e0\CONTROL\th_TH\style.xml	HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	000CDB5F24E88CB17169AF0D7F0BAA99	EA82E676F310532CBCEDDD4B3E54EB233B12B0FF	8F31742851B511D815EA3A62DF4238C86CCD2AA48B850677F3C6C21984D02108
C:\Users\user\AppData\Local\tempinstall.ini	ASCII text, with CRLF line terminators	645C049DE0B9585A307F3158B3E77F80	A6B195B0D6294E7E718CAFF64F4C2D2C294AC109	A9A27F6BEDE74BD65D392AFD5CBD272C12958E23E6E8FF64844BC8E5994F2E0D
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\21c8026919fd094ab07ec3c180a9f210_9e146be9-c76a-4720-bcdb-53011b87bd06	data	CD8FA61AD2906643348EEF98A988B873	0B10E2F323B5C73F3A6EA348633B62AE522DDF39	49A11A24821F2504B8C91BA9D8A6BD6F421ED2F0212C1C771BF1CAC9DE32AD75
C:\Users\user\AppData\Roaming\kingsoft\office6\configs\configure2	data	B3599C9AC2837012998955DB06D1B412	E8A423B92F26FB33DDE09BC920934B2E2BAD68F5	0D8ADA40472DF02AA1805C02616661237872DAF9AD3CA9C6554FF6FC47E92368
C:\Users\user\AppData\Roaming\kingsoft\office6\log\klogindex	ASCII text	76D566C6C6D254C7E20CA73250535099	218357C4BC19501CDE1B369581610A756D21AC81	B1A3441FD667437A4FBDC0A17AF98F480BBD4AB7BEECB2807D0BBFCF0A45B4A5
C:\Users\user\AppData\Roaming\kingsoft\office6\log\ksomisc\202410301147_ksomisc_368.klog	data	B08DA9946D300D48E56B35D168E6642E	D7A7BBEF18FBCE9EB552C3FE8A3337A737EB2E05	F4AB32A702F432671D9CC4A62D47A7B3B5C25676B4A1804F900A34A68F45A111
C:\Users\user\AppData\Roaming\kingsoft\office6\log\ksomisc\ksomisc_2024_10_30.log	Unicode text, UTF-16, little-endian text, with CRLF line terminators	1A74A9D9A21DDCB6181F66F63DCD277A	C9A8A8D4EB060317480FE237F15A5C63E15DDC85	8E286A9880D47CB5029C08617EC9F102F181FBD4B82D4A48F280B3533B892A88
C:\Users\user\AppData\Roaming\kingsoft\office6\log\logdata	data	5F7BAD38B4828424AC1F56A406D785B0	9D83293F7B2DA627A3ACF0D464E89E2C85B5EB9D	449FD8E5D56818CB4A2747D3D212370556D9D81A1CDC3C9D47536570DD18F9B4
C:\Users\user\AppData\Roaming\kingsoft\office6\log\setup\wpssetup.log	ASCII text, with very long lines (357), with CRLF, LF line terminators	C77D3A1F0C8C6DB27742ED07E9B8100B	2EE176F1E564F3239A268CCACDB8A4ED8D0FC678	2EB1A6C38BDC164414407DE1F4A1C11C399408C062A2515C6DD97BAEB3501C2D
C:\Users\user\AppData\Roaming\kingsoft\wps\addons\data\win-i386\kconfigcenter\kccsdkdb\kccsdkpriortydb\mdbx.dat	data	3AAC2595DCE43BF47C2E5992CDA7529C	685BF572BC606C203E2F0773953E980CEA47D9BD	0F46FBAB6F5F831A561CB34D126B99E8CE893BF0CE8088220E674FE7AA147E71
C:\Users\user\AppData\Roaming\kingsoft\wps\dcsdk\cache.db	data	D84632F85154BE4F85A40C739B871EF9	E53FF3DAA9720FF9114ECCB504933EDDCDDFB41B	3F2D3DF310D95430C0A72706F6252DF8FA40F660B2C086347A7FC7E7D4832A64
C:\Users\user\Desktop\wps_download\060656cfd1a6402a9035e6288b01ca4d-15_setup_XA_mui_Free.exe.500.2083.exe	PE32 executable (GUI) Intel 80386, for MS Windows	4A300FA35A277A4BE0455ECEEF3B4FDB	C58E2863706A31890A0B8D54D71178EE66FBF3CD	5D75023C9D7438C75545AE5BCFA89D654223C5743934D949919DDCAF3EC24AC7

ID:	1545519
Product:	CloudBasic
Start time:	16:43:36
Start date:	30.10.2024
Sample:	wps_wid.cid-735916525.1730301987.exe
Cookbook:	default.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	8d76bb0011099f752d1df93ad3f697f2
SHA1:	467d3da8b2fa7ff0d2958d30c3345c109647e09d
SHA256:	d19fe85036be98b74fff67bb43864b51c0e774085daac2fa09a3182acf08e772
Filetype:	Win32 Executable (generic) a (10002005/4) 98.81%

Windows Analysis Report
wps_wid.cid-735916525.1730301987.exe

Overview

General Information

Detection

Compliance

Signatures

Classification

Signatures

Cryptography

Privilege Escalation

Compliance

Spreading

Networking

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Windows Analysis Report wps_wid.cid-735916525.1730301987.exe

Overview

General Information

Detection

Compliance

Signatures

Classification

Signatures

Cryptography

Privilege Escalation

Compliance

Spreading

Networking

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Windows Analysis Report
wps_wid.cid-735916525.1730301987.exe