Analysis Overview
SHA256
c035445ed9c3ed2ea55f5c65462f3e5c360f49e15a640c617f202e0fdc3bd780
Threat Level: Known bad
The file 2d60fe0398e9a063eebcccb2573a2359_JaffaCakes118 was found to be: Known bad.
Malicious Activity Summary
SocGholish
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-10 04:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-10 04:37
Reported
2024-05-10 04:39
Platform
win7-20240508-en
Max time kernel
142s
Max time network
143s
Command Line
Signatures
SocGholish
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000be7fa73d65dcdbaa29d3a9022c40568f645ab42be9bb8857c5d72937d48090e4000000000e800000000200002000000043af6833675d1adf610bdcf5f1a91b1eaba67f03be0475bd7a9173d538f6c8b520000000611262ac35b054c908cd081abb2ba8ba88248cec0e560d6faa73c336b80aa6774000000076ceee97e2f8cbefe6ee975b50de8496ecf031a45d39ac0c9d3bbb45702ac00174f64c138c443fc2cfc22ed705e38e451fc1d794db81f6baa02e051f0aac1ddc | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FFDF1801-0E86-11EF-BE4D-CE57F181EBEB} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0441cd693a2da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421477712" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2120 wrote to memory of 2112 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2120 wrote to memory of 2112 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2120 wrote to memory of 2112 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2120 wrote to memory of 2112 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2d60fe0398e9a063eebcccb2573a2359_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-10 04:37
Reported
2024-05-10 04:40
Platform
win10v2004-20240226-en
Max time kernel
141s
Max time network
148s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2d60fe0398e9a063eebcccb2573a2359_JaffaCakes118.html
Network