Malware Analysis Report

2024-10-23 17:24

Sample ID 240510-m27fbadh23
Target 2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118
SHA256 f57e68d5fba1f21a3647723716401cea821d777b49acb61c5f1fd63e5d7026fa
Tags socgholish downloader
Score 10/10

Analysis Overview

score
10/10

SHA256

f57e68d5fba1f21a3647723716401cea821d777b49acb61c5f1fd63e5d7026fa

Threat Level: Known bad

The file 2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

socgholish downloader

SocGholish

Legitimate hosting services abused for malware hosting/C2

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-10 10:58

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-10 10:58

Reported

2024-05-10 11:01

Platform

win7-20231129-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118.html

Signatures

SocGholish

downloader socgholish

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A sites.google.com N/A N/A
N/A sites.google.com N/A N/A
N/A sites.google.com N/A N/A

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1632 CREDAT:275457 /prefetch:2

Network

Files

SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M7Q5HQC\v1[1].htm

MD5 0104c301c5e02bd6148b8703d19b3a73
SHA1 7436e0b4b1f8c222c38069890b75fa2baf9ca620
SHA256 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
SHA512 84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 153d787910aa43bb21993ae15836114b
SHA1 2984babf2f375a54a69b1bd4b56469a80d932187
SHA256 ae49968834fd8b1156c93af16b47598173d4daf2bcf63d3b7792d081bc248435
SHA512 100f46c08def92ed11243046177d5a28088a41208a9a681de3c40dda428779cb9d33f1e0afba1f96fae70cf189a82d4c013c9a06f95398b940b4236400e5f2e6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 35a82d4bebefc87cf961cb443ac5963e
SHA1 9ce6ce546917bfe83a060a29b8f153f418b6677f
SHA256 a6152310d5825d88542f00eb80c6ce31302d31a91c81d46cddab73ad2903c245
SHA512 48a2da8c248e5aa9b5382bca4e48f418b5fa6c1e934a30001cf3c530ab34afb376a46884e1738ee952bce590ad45228efb2f068c6bb9b69913ad8dcea78db63a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4d1f2a462fe1dd2e53fde68352a6d4be
SHA1 a342b2f07d6668864d4c6731c904c3f0c518faca
SHA256 b5fa86bc8c9d1a1d6c2a9e60201ba98da0fbfd616834110d9ae9886bb66ee1a7
SHA512 6a080f409c800ff46bfb7b1fdbebf663dfc00077f51f4d332e681a0909a7fd5525767f4150e78b7ee97b33e85c492f10ef65c3eda9a42ccbdec815cf1ad770ff

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cb18964a770773c39567191c03b53f51
SHA1 95c77b6a20a5d586db7c4bc5ce749a1e0f8eb157
SHA256 dea6011979e061a96ce56fe6d448c95ad545382e733394c0bf064dfa5f62631a
SHA512 f6f22eeb88fdaaa4ba18a05b2c5fa6d9f48a49ebb0c26c50d4335a61e5b8c2173a4243b4374503a3fdc9eb929a063fb025cd7df61471dcd5bef5797114eb2348

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8c31616a433de559e10c381c52896392
SHA1 623b914b0c87c77e6b4904fbffa21c7d0e826659
SHA256 424856ee9e78ea446778cdd4bfe9e4460b2509e74710fa4aa98ed5fe484cb23b
SHA512 6f76ba93ac55da8f020d01981858ef745a477207e0d4924a4dab528d69c7285a5dc720b651ec48db99b01426627461f51faa3bab28826a9a0b65b79dfd5f12f5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 232d5be3b636293876f61be47c2ede41
SHA1 baef4e423df6fd34748d756d5f977cb574dbbbec
SHA256 136a0eec37045f9cd9451b7f8fba1649d3e26a8c129514f41a3b95944bf4c20f
SHA512 1810032b9b90e7e5b58043c88834ecfaa2ef5aa4a3bcf175288dc43c6ab4e4ce6f60b84958e398f2a6432c5ce1cc1d48c4acd1bd9e0f2665cb43175137663fc6

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOEMIIXD\cb=gapi[2].js

MD5 4d1bd282f5a3799d4e2880cf69af9269
SHA1 2ede61be138a7beaa7d6214aa278479dce258adb
SHA256 5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693
SHA512 615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6784d7287dc81e1db741b6b203116ff1
SHA1 aec332ee2318222f3717aa7aedb8da1a9f832da0
SHA256 f2c1028468825775f5118a388b51fd9c4f91568217045480920de3bb9406726c
SHA512 3f5254d74e1faf80686e9f95397a95bd9488b53700d73fc02ec5ef542c9ae8854128e6caf792466ffc89e38237f1a77a431a98aed50a084f79c69f20fb2956c3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a4ccd942b2375dfbb3ff1b49be323698
SHA1 b05432b982abb7d4ee5a67f0648ebc719105a485
SHA256 e8138d1f5a8270fe09635f51378baa36cc7bbc90ce8743c59f9ad5ae22e53ef9
SHA512 949cef65217e5016970ce09e14d305906060235dc92b5dea590313a6069aabee214cd844c8d897280683c8fffac5a7a4a6e1e8da4d7da00c5338b3faef05ae71

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 98d9869baae3e8933cbee526fff7c548
SHA1 7390fd4d7408d61510edab2db61cdfe710e0579a
SHA256 2743cfb6b073841a31c025a811c98056e180dbae0e281b69fb3763dc62ac633a
SHA512 30d0e5a97ce2f7c0b23c4c86b8b860f891765596bcb6c3dcfd33281e54c724c24bc32b6e45742ad86b890725adb973cbd5410bfbdbd724a7798f1dc7b0656e67

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5be700f72403eed650e3ca15eaefcd37
SHA1 5cd3f3ef344e42bd308a7c711f3cf6022bbaeb7c
SHA256 9453e5d5851f0b48d99059a434784664862dee132d948c2df464662d465fb8a4
SHA512 42e4feee6f496e0083caefe7037b3b85b51e3c58457e5f7a308e02428165cea462eeb05dd81ffc7f79aace55af3381dc56506f6e0b935ef2bdd486221e3efae9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 96f16778f0151452973734f6ca376225
SHA1 18372818c6f51e04480bb468491bf5a18320c128
SHA256 8b031bb15c0f396f92d56057ee304fcc150af3b0a669afa01489828965235c6c
SHA512 7b7213384abffe1e63d211aa5351c53a5e3d27b5a04a833ecad649efee011ceafa3c9bd5e18e7116e7934135f98b773cd3f2d4c83d2685edc9999ae92d5a82d6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ee93382399ebd612c780a1b799093f43
SHA1 6b5297594e081f2cabe7b04d527f619d89887fb1
SHA256 17969fe355f3e7b0af6dacba413421c52f7a09a8e00744dc1d4b50d9e52e6b72
SHA512 6ab6f2838ff2d67d1d382b04758940ef79082058f1ba50707207d64bb366238b727261a086fc7186a6080ec1631e92b41dba189d9556aaf22e23f5d5c45cd057

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_C66311BFC31F329FE5E6FBB46563B719

MD5 b75ced05df31da08d32b89c1b27aae69
SHA1 62c61a8756b55e9efcd8e3cb52069ea4b57df063
SHA256 e61caebbc452136a095f35f8902e461602db957d41ba882c66d0acb317340949
SHA512 49a0781b80bd0b46ab7e20e030fa13185ffa90553ae63d55e8ad2558d227e3d720ce0682f324a95fcc1b57d4a2d496a8f7306c1394e8c443d63fdbf78ee91c3d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_C66311BFC31F329FE5E6FBB46563B719

MD5 8054872b37200a510f4c5402c9bc8613
SHA1 3134db147434a201795bb804ff6f71cbe7c60b0d
SHA256 b949dfd054405ef3e4d0f1764cf2f14352b53e6bd6e10012681ffc484756c813
SHA512 219f3968e6fdc10338973ca4c622ad46d8ef8c566e8ed641b9a2f5c70e5754618a90428db4782b31af99e92573b79a9eba2f1d274d6fa8eaa006ce951cb929f0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d0176e5dce8f2086cb88d2433ced475e
SHA1 2005796685c99418a080c91e7cda551378f34d25
SHA256 d8c1703623ec38cc0286e5d37ed2efcc5d00f096f747ed0def1459b24bbc3e68
SHA512 18b71791086bc247272d1ecbdd69a1f1b2e547c495678a04957f6f8a9305570eafc09be09467b44562ecca6ef39ddcb93be89bc54bea34d7cef8f30a8a32e619

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fd1b4573df3701aaddd870dac91cd928
SHA1 7da04c1fb4a5b71462e55a8af5206f826a04690a
SHA256 974c993f4906890a26b98f8eb01c3a16b691c7073322846d57c6f158ee11ba2e
SHA512 0a25a213b8a7a7533094020857ea102212824dda3c609666bfa48fc4ee6dfc4813429160d4d4c62f21d09bc981a0b77db042f5e7c0dc5a68618c609173562fd7

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 accece194482114ffb46aa74fcda3688
SHA1 31319e5cd88152563a19e1ed49985e2d8f990c72
SHA256 6e69611c7730c608d75e1c1c05b641b990b09eee8a9d29f1682ff5e425eda027
SHA512 548f1535bde0b4994d4729adf0e1e2b5b6b111f6a15f3121e9ef9245ffe9a9e1c9394845fe986c4553c5ad9a2fd0c199b1d19285dde688a0e23ee6388cb50db3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 19263b757056c8b3365cb6f8cf811a9a
SHA1 f9145d0820ba77fc9de6daa45a3eca2296d940e7
SHA256 8212f5cd7bb32239120301a9695b816bba9238b874193189e6f9308c2df2df27
SHA512 45fd2402d63efdb517896ec769feb4ca495032a44c529c2b000b0f589a5d0e916a77c8482f1c4d6be5d4956109d3f8328304d2a077b9f00701db8b3ec7c04ec6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 070fa72fe8b40e080eae7fe8dee8641a
SHA1 795549c37336aa611b83c50dc762644a10b9abea
SHA256 90703b28c7f143c942bb62a6d6fc78caeaff499ac48e62bdcde3a0d560da2be9
SHA512 2292712782eaa8700acbf8875caafacbabf4d36bdc116a6f47b7618ef8d5c1feb942ef4da7a3cb6fcf1405fffec917d37c929edea925db16ee9a7c0650d6eda0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 308ba2f514f6cbe69cad66485e0fb500
SHA1 7041665709dcab3a0b7f836e451fd64b0822e795
SHA256 9a9812bb39a36648f1e4c6279b3368dacf0cfcff480db58bae82f5ec5c9c880b
SHA512 d04a50af2b4bdcde66d50b2524ab39939338c21b0ba151e812dcd14c8269b283fce6ce95a53b1898fcfb35187796198cc0f9f0cba29e71ed94864a7414cf219f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d3e0ddebad4ae4de4bbf80e98f0f9fd3
SHA1 194e1089b45409f3ac498f093ef28497af8d1ed3
SHA256 e09d1a29e4ae28041bbd704e0e7f53f9ec0874937b1155502841f6510895a0f3
SHA512 13bec33c875f01edad88f6f49b7135376aa27052a7cc7bc7c6d4d5969f1f820f1b1c2827fce884f72d10dce57a52a1db9d15d443d37285dde2ace630cc9b0b24

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d2a259d9d0eac4ae67edd734b2dfdc07
SHA1 6c9c062c5b9a249708f6f6f9027803b1b26550d9
SHA256 3fa861556e91007e63487cd10907c9ff12b84905e1dba25687e6294a9a17c592
SHA512 f6a080a46627153734776fb6adaa089cea0ac032f0794e1510f00de3d2a718ca7f14fa28c394b358b2ca3753da28ae78e8972a47845c185ff34a5a0c8a300ac6

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml

MD5 4a8e79cfcb3ca8a80d9c5b03d4914704
SHA1 904962135197f81e04ec2da4f4bae24fc60bf32f
SHA256 101f4a64fde19893fdec1056844bba063bdca3dcff1689d9674e9f5a1472cb08
SHA512 e4e60f0c8e8829d247a0dadf56212d90c2b0dc37e48ecb8de4b2377f408a159b0a1008b5be5692b37ae1d3b46a88b5dde602823a4831c201120331daf07a0dae

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml

MD5 635e92c9a7d213bec60ec7c2bcf5efc0
SHA1 6d79694a84c32cd82c7e194682a99a68698df97e
SHA256 001c3f4c2663e91081c8c52236e37d9c28576d83f6857c5b12f6b11cc56844ff
SHA512 bfa3be25a9a176a467e51f136dbc9a5d77d0eb07c033d693b4bb175c9cbc91032338ac7528d7ebdc5d3360567c462f5172a0497d0e5ec140b9b4b8bce6a10e2d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml

MD5 3353beb87b27d19225a3dae8fd135973
SHA1 875fe0e4fa6bf2d76aca19a9fb5d8f53b1d3f222
SHA256 309d04a6b58313a41e26d4bdfd3e3c13dd4768c575b2e887487a4418eeaab4ad
SHA512 3a35544ab3526924d47ccf6a7622647d01325b131abae8498a137779d6cbe0a3df877b731b355e6806705a01c40906220cffc752560543a0d58d4d1d256df5c9

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml

MD5 0b54ce56f473b202feef9702d7463a55
SHA1 000c8259a1cefdd834cf96d47e88421b1d63f153
SHA256 b8e19ce7cd600e2aac26dfd4e006972beefa7a5fe927ea33a6ac2c91936df915
SHA512 62d45744a7b9411d4161db96d5cd63b4ca443a76992e919e4edee0a86cfa69114749aafc95834f2f2420fa5055d01190d04252b231d6435957db2dfc79342818

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml

MD5 d151eacf3ae1c48756a7b94f88ba741c
SHA1 4bba74befcc2eb996e6ace91767a423192905c59
SHA256 e230e78d40e1b5bac493ebd1fa26ec5446ac391bf65d3ac117331433332c0a1d
SHA512 6aab68e481231c9b6e5d9a6dfe9ec9c5c527775e2e63e1a4640ec11c43a35c5400f3c725901581601bfaa8bede1e0b5b2584927e1d96c190237bde29731cdeee

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0bf876a58ebe9001ab9f5856083c942c
SHA1 2fec767742d54ca72e703acfd2d273b50c976316
SHA256 787e33f4ac4a1af8878fdfca9e46496fe38f04ca5b30c5d19daa11a4d97f2d60
SHA512 20440bb98fb0a3fd92d0e655a8a3819bdf5ff6eafc6dab91bf411cc1698e4c0c0423321ae2684f04391592e15f37ccfa4e3dd0096d998dc311c98f2f274eba03

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 172f299f1eac4dd1e0f3d87ef04ce451
SHA1 4636ce230955549dfbc5c158721019b6962c4fbb
SHA256 bdcc4492f72ca744b8b3681fca7436b4ceccf5c6cd5319b661ffe71e5a04ec5c
SHA512 89296c1b72a748b325ad756b815a808efa09c59a59cd15282b995526c3baffd0eff8260a9ef4bd96c1a8a16139744d0c63b4c8b1dfe2ab3f79344665667c7926

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 02dd76f92c26f56dfae8128e5b2ec78e
SHA1 a87b696434dbda0a03e8398eb001d96a4ad834ae
SHA256 35a93e2df5a38adc22af39be6b143a981cdb0f5b84272b1df232b57e16fc53a9
SHA512 989238e84b2d781c3327ccb471f35504c34e73549dc14ea1a7b897880fd4a27c8abdd075d974d54ab5bdadeae234aa55206c9a1e42edefaa734f2bfc6982fd3e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6985ad488ce54758ba1cca3af9127598
SHA1 1f773044d7cf91033effa2f2172addd52fbed0e2
SHA256 2e04b6c3c7189bd96d109a4cb0ae8d0984bb09a92e229651ec0bb7d7f624bbba
SHA512 efcaea277f254763bdf97c1cbd069ccf3789b5f5823c51df414d582dced8225d4032d89fc6a0243287e6095e8b4feed9de73a4dec9938df9f19988986ba842be

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 64eb08788bc42b66b717bc80e466896c
SHA1 033ecfb47c009a9c6d006bf1ebaf53e3d79f2a76
SHA256 7a926045096b732fa6577df61cfc4b73886b2a0d7d27f43d71b9ce6d0671c5eb
SHA512 c75f44137b211d4da9cdb72c5737bd65bf1debf9527d0eaaa4ec98fb4327eedcd03f0e5b2f2d6b1d2093f8d2800c72ef4789c9618840397e09d85658d62c3628

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d1215239c1b9646c2933df4631f94793
SHA1 13bae0264b1ab64c21770c58bc36c20b46e1db1e
SHA256 9172a7cf99b36af7ddd940e21aaae5613a2699d1fd6ebb774c3ebe309dd68398
SHA512 b8fba87141aaf89d2d6d7f479fc973e8fa5f9e879c55e182661bd268033995a1309e860767a8e07f7ae17e5b0d538397ebb36197e4beefeabf8083aae0fe0609

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7f40de7effd22c9f22eb1ffa3d3fcd9e
SHA1 465c040e3e14cc5b4ee434db13e97024551d4683
SHA256 90e3e108378da960a289258b0384cedad2f51932127d24e5c8bffec89f84bab5
SHA512 a7f19327c173943e3381586ec3783a85c06c7530a5c9fde83b56570b2d267b7c1952d011cd37eb78dd0037aeafcbf7750d1ccd01282943450a0757ee87e97473

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 7dc9d4a28bd0517a616d525aa49fa397
SHA1 1ef59921190b87df79063f0a7af3ec9fb34f1d88
SHA256 cae3810657cf7a8b1cb9e6428a10eaa6bc122d37f7572a2e0f36f64a1a7aec99
SHA512 ed3e7dd9f116270b8f858f38c1152d2f906b2289e24b684c57e5343d8e766c20ac113642768597aaa0d949675032e50b2690a10c964ba578589ab847ce30d3ca

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a42f603ff4ce67317948d00f6d4b6eea
SHA1 92a30443a76984477f2d12d5fb130e2364b0a595
SHA256 b880d66b111e31d4b473fd97120cef7b05b5e0e9ea3e680ec36212e7ec7687f7
SHA512 88a770434e047cfb5b2c883672ed2cbb2721fdc200ee653a93886a14c408158bec92efd2538ee41bee1d1b145487dd88461c47bb16c743ca67e539138dde8737

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9f68dc8369796a47dd37485ad32f7ba8
SHA1 7cbb78dc8121528a28e90f2bc87f796ae2ca0cc6
SHA256 0c509d48b2eb2a415cfffaa65f777fdb21be4c74779148dedb6797dcf1bfa600
SHA512 6b40edeec331a48902d6cefbac3eb291a8f96f34bb174a30bf8505a839ed750b566c94542965d7367de63edbfe458d0e9b164c6deb753d903bb2bf2db6d564b1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 be197bafca6b25ebe657aa2a94c4ecba
SHA1 34dc3e37fe7ed377770aa86d8140b2bbb06f30ad
SHA256 203dd3368fa634079ce3a10a7a62d0d9c1903db63673167eacb56ecd9b4e6840
SHA512 51d2383f31d16ed865cadd905a4f70f71af51b95144e112e67dabf9459cc67b8e9c8b53429201d5cf8bb6d1c337ea64df17bd1fb163b541c46574b493d3e4b8c

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-10 10:58

Reported

2024-05-10 11:01

Platform

win10v2004-20240226-en

Max time kernel

145s

Max time network

153s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118.html

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A sites.google.com N/A N/A
N/A sites.google.com N/A N/A
N/A sites.google.com N/A N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4016 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5952 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4956 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5548 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5568 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=4032 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=3220 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6204 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6360 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6556 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=6312 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=6764 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=7632 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4896 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=5452 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 0.gvt0.com udp
US 52.20.84.62:80 www.memobee.com tcp
US 8.8.8.8:53 0.gvt0.com udp
US 8.8.8.8:53 3.gvt0.com udp
SG 35.247.151.7:80 klimg.com tcp
ID 103.49.221.102:80 images.detik.com tcp
SG 139.99.69.164:80 bloggercilacap.com tcp
SG 139.99.69.164:80 bloggercilacap.com tcp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 20.189.173.22:443 nw-umwatson.events.data.microsoft.com tcp
US 8.8.8.8:53 11.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 153.65.48.37.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 251.124.95.34.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.190.9.65.in-addr.arpa udp
US 8.8.8.8:53 25.54.196.217.in-addr.arpa udp
US 8.8.8.8:53 62.84.20.52.in-addr.arpa udp
US 8.8.8.8:53 7.151.247.35.in-addr.arpa udp
US 8.8.8.8:53 102.221.49.103.in-addr.arpa udp
US 8.8.8.8:53 164.69.99.139.in-addr.arpa udp
US 8.8.8.8:53 22.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 s1.rsspump.com udp
US 8.8.8.8:53 s1.rsspump.com udp
US 8.8.8.8:53 s1.rsspump.com udp
US 64.98.135.66:80 s1.rsspump.com tcp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 64.98.135.66:80 s1.rsspump.com tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 8.8.8.8:53 applify.me udp
US 8.8.8.8:53 applify.me udp
DE 138.201.94.231:80 applify.me tcp
US 8.8.8.8:53 66.135.98.64.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
DE 138.201.94.231:80 applify.me tcp
US 8.8.8.8:53 www.thefloridahotelorlando.com udp
US 8.8.8.8:53 www.thefloridahotelorlando.com udp
US 8.8.8.8:53 pewresearch.org udp
US 8.8.8.8:53 pewresearch.org udp
US 8.8.8.8:53 ahlikompie.com udp
US 8.8.8.8:53 ahlikompie.com udp
US 8.8.8.8:53 lpmpjateng.go.id udp
US 8.8.8.8:53 lpmpjateng.go.id udp
US 8.8.8.8:53 uniqpost.com udp
US 8.8.8.8:53 uniqpost.com udp
US 8.8.8.8:53 sehatkufreemagazine.files.wordpress.com udp
US 8.8.8.8:53 sehatkufreemagazine.files.wordpress.com udp
US 8.8.8.8:53 humorsingkat.files.wordpress.com udp
US 8.8.8.8:53 humorsingkat.files.wordpress.com udp
US 8.8.8.8:53 i.okezone.com udp
US 8.8.8.8:53 i.okezone.com udp
US 8.8.8.8:53 www.tabloidbintang.com udp
US 8.8.8.8:53 www.tabloidbintang.com udp
US 8.8.8.8:53 farm4.staticflickr.com udp
US 8.8.8.8:53 farm4.staticflickr.com udp
US 8.8.8.8:53 informasitips.com udp
US 8.8.8.8:53 informasitips.com udp
US 8.8.8.8:53 bloggercilacap.com udp
US 8.8.8.8:53 bloggercilacap.com udp
US 104.18.160.83:443 www.thefloridahotelorlando.com tcp
US 192.0.66.2:443 pewresearch.org tcp
ID 103.30.180.77:443 lpmpjateng.go.id tcp
US 104.21.91.254:443 uniqpost.com udp
SG 172.96.191.56:443 ahlikompie.com tcp
US 34.95.124.251:443 www.tabloidbintang.com tcp
US 104.18.31.212:443 i.okezone.com tcp
US 104.18.31.212:443 i.okezone.com tcp
US 192.0.72.28:443 sehatkufreemagazine.files.wordpress.com tcp
US 192.0.72.21:443 humorsingkat.files.wordpress.com tcp
HR 65.9.190.84:443 farm4.staticflickr.com tcp
US 217.196.54.25:443 informasitips.com tcp
US 8.8.8.8:53 www.widgeo.net udp
US 8.8.8.8:53 www.widgeo.net udp
US 8.8.8.8:53 cdn.wibiya.com udp
GB 142.250.187.238:443 sites.google.com udp
US 172.67.143.66:443 cdn.wibiya.com udp
US 172.67.69.193:443 www.widgeo.net tcp
GB 142.250.200.34:445 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 cdns.klimg.com udp
US 8.8.8.8:53 cdns.klimg.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
NL 96.16.53.155:443 cdns.klimg.com tcp
GB 142.250.200.9:443 www.blogger.com tcp
US 8.8.8.8:53 www.atom.com udp
US 8.8.8.8:53 www.atom.com udp
US 8.8.8.8:53 humorsingkat.wordpress.com udp
US 8.8.8.8:53 humorsingkat.wordpress.com udp
GB 142.250.200.9:443 www.blogger.com tcp
GB 142.250.200.9:443 www.blogger.com tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 sehatkufreemagazine.wordpress.com udp
US 8.8.8.8:53 sehatkufreemagazine.wordpress.com udp
GB 142.250.200.9:443 www.blogger.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 172.67.26.69:443 www.atom.com udp
ID 103.30.180.77:443 lpmpjateng.go.id tcp
US 192.0.78.12:443 sehatkufreemagazine.wordpress.com tcp
SG 172.96.191.56:443 ahlikompie.com tcp
US 192.0.78.13:443 sehatkufreemagazine.wordpress.com tcp
IE 209.85.203.84:443 accounts.google.com tcp
SG 139.99.69.164:443 bloggercilacap.com tcp
US 8.8.8.8:53 www.tealdit.com udp
US 8.8.8.8:53 www.tealdit.com udp
US 8.8.8.8:53 www.tealdit.com udp
US 8.8.8.8:53 www.tealdit.com udp
US 8.8.8.8:53 www.widgeo.net udp
US 8.8.8.8:53 www.widgeo.net udp
US 8.8.8.8:53 www.widgeo.net udp
US 104.21.72.39:443 www.tealdit.com udp
US 8.8.8.8:53 accounts.google.com udp
US 104.26.11.22:443 www.widgeo.net tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
IE 209.85.203.84:443 accounts.google.com udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
IE 209.85.203.84:443 accounts.google.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
RU 93.158.134.119:443 mc.yandex.ru tcp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 www.youtube.com udp
SG 139.99.69.164:443 bloggercilacap.com tcp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 www.widgeo.net udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 254.91.21.104.in-addr.arpa udp
US 8.8.8.8:53 83.160.18.104.in-addr.arpa udp
US 8.8.8.8:53 2.66.0.192.in-addr.arpa udp
US 8.8.8.8:53 212.31.18.104.in-addr.arpa udp
US 8.8.8.8:53 21.72.0.192.in-addr.arpa udp
US 8.8.8.8:53 66.143.67.172.in-addr.arpa udp
US 8.8.8.8:53 193.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 155.53.16.96.in-addr.arpa udp
US 8.8.8.8:53 69.26.67.172.in-addr.arpa udp
US 8.8.8.8:53 12.78.0.192.in-addr.arpa udp
US 8.8.8.8:53 13.78.0.192.in-addr.arpa udp
US 8.8.8.8:53 84.203.85.209.in-addr.arpa udp
US 104.26.11.22:445 www.widgeo.net tcp
US 8.8.8.8:53 39.72.21.104.in-addr.arpa udp
US 8.8.8.8:53 22.11.26.104.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.187.246:443 i.ytimg.com tcp
GB 142.250.200.9:443 www.blogger.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
GB 142.250.187.225:443 2.bp.blogspot.com tcp
GB 142.250.187.225:443 2.bp.blogspot.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.180.2:139 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 119.134.158.93.in-addr.arpa udp
US 8.8.8.8:53 246.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
GB 142.250.200.33:443 lh3.googleusercontent.com udp
US 104.26.10.22:445 www.widgeo.net tcp
US 172.67.69.193:445 www.widgeo.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.180.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 cdn.muslimah.or.id udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.179.230:443 static.doubleclick.net tcp
US 8.8.8.8:53 33.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 142.250.180.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 cdn.muslimah.or.id udp
US 8.8.8.8:53 cdn.muslimah.or.id udp
US 8.8.8.8:53 widgets.amung.us udp
US 8.8.8.8:53 widgets.amung.us udp
US 8.8.8.8:53 www2.cbox.ws udp
US 8.8.8.8:53 www2.cbox.ws udp
US 8.8.8.8:53 www2.cbox.ws udp
US 8.8.8.8:53 www2.cbox.ws udp
DE 195.201.153.71:80 www2.cbox.ws tcp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
DE 195.201.153.71:80 www2.cbox.ws tcp
DE 195.201.153.71:80 www2.cbox.ws tcp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 arvigorothan.com udp
US 8.8.8.8:53 arvigorothan.com udp
US 8.8.8.8:53 widgets.amung.us udp
US 8.8.8.8:53 widgets.amung.us udp
US 172.67.139.229:443 cdn.muslimah.or.id udp
US 8.8.8.8:53 i1045.photobucket.com udp
US 8.8.8.8:53 i1045.photobucket.com udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com udp
PL 93.184.220.66:443 platform.twitter.com tcp
US 104.22.74.171:443 widgets.amung.us udp
HR 65.9.25.81:80 i1045.photobucket.com tcp
US 172.67.150.119:443 arvigorothan.com udp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 230.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 71.153.201.195.in-addr.arpa udp
US 8.8.8.8:53 229.139.67.172.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 171.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 66.220.184.93.in-addr.arpa udp
US 8.8.8.8:53 119.150.67.172.in-addr.arpa udp
US 8.8.8.8:53 81.25.9.65.in-addr.arpa udp
US 8.8.8.8:53 i1045.photobucket.com udp
US 8.8.8.8:53 i1045.photobucket.com udp
HR 65.9.25.18:443 i1045.photobucket.com tcp
US 8.8.8.8:53 glakaits.net udp
US 8.8.8.8:53 glakaits.net udp
NL 139.45.197.242:443 glakaits.net tcp
IE 209.85.203.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 t.dtscout.com udp
US 8.8.8.8:53 t.dtscout.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
DE 141.101.120.11:443 t.dtscout.com tcp
GB 216.58.212.206:80 developers.google.com tcp
US 8.8.8.8:53 my.rtmark.net udp
US 8.8.8.8:53 my.rtmark.net udp
US 8.8.8.8:53 yonmewon.com udp
US 8.8.8.8:53 yonmewon.com udp
US 8.8.8.8:53 www.widgeo.net udp
NL 139.45.195.8:443 my.rtmark.net tcp
US 8.8.8.8:53 sr7pv7n5x.com udp
US 8.8.8.8:53 sr7pv7n5x.com udp
NL 139.45.197.236:443 yonmewon.com tcp
NL 212.117.190.201:443 sr7pv7n5x.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
GB 142.250.179.227:443 ssl.gstatic.com tcp
NL 192.229.233.25:443 platform.twitter.com tcp
NL 192.229.233.25:443 platform.twitter.com tcp
US 8.8.8.8:53 syndication.twitter.com udp
US 8.8.8.8:53 syndication.twitter.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 104.244.42.200:443 syndication.twitter.com tcp
GB 216.58.212.206:443 developers.google.com tcp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 18.25.9.65.in-addr.arpa udp
US 8.8.8.8:53 242.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 11.120.101.141.in-addr.arpa udp
US 8.8.8.8:53 206.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 8.195.45.139.in-addr.arpa udp
US 8.8.8.8:53 236.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 201.190.117.212.in-addr.arpa udp
US 8.8.8.8:53 227.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 25.233.229.192.in-addr.arpa udp
US 8.8.8.8:53 200.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
BE 88.221.83.186:443 www.bing.com tcp
US 8.8.8.8:53 186.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 connect.facebook.net udp
GB 163.70.151.21:445 connect.facebook.net tcp
US 8.8.8.8:53 connect.facebook.net udp
GB 163.70.151.21:139 connect.facebook.net tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 172.217.169.42:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 static.addtoany.com udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 104.22.70.197:445 static.addtoany.com tcp
US 104.22.71.197:445 static.addtoany.com tcp
US 172.67.39.148:445 static.addtoany.com tcp
US 8.8.8.8:53 static.addtoany.com udp
US 104.22.71.197:139 static.addtoany.com tcp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 cdn.viglink.com udp
HR 65.9.25.4:445 cdn.viglink.com tcp
HR 65.9.25.10:445 cdn.viglink.com tcp
HR 65.9.25.16:445 cdn.viglink.com tcp
HR 65.9.25.2:445 cdn.viglink.com tcp
US 8.8.8.8:53 cdn.viglink.com udp
BE 88.221.83.234:443 www.bing.com tcp
US 8.8.8.8:53 234.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 whos.amung.us udp
US 172.67.8.141:445 whos.amung.us tcp
US 104.22.74.171:445 whos.amung.us tcp
US 104.22.75.171:445 whos.amung.us tcp
US 8.8.8.8:53 whos.amung.us udp
US 8.8.8.8:53 208.143.182.52.in-addr.arpa udp
US 8.8.8.8:53 kepingan-hati.blogspot.com udp
US 8.8.8.8:53 kepingan-hati.blogspot.com udp
GB 216.58.201.97:80 kepingan-hati.blogspot.com tcp
US 8.8.8.8:53 97.201.58.216.in-addr.arpa udp

Files

N/A