Analysis Overview
SHA256
13afbc07610360f1f69f2fb25c17b6ee90ca6e478ef383c323487792272b26b8
Threat Level: No (potentially) malicious behavior was detected
The file 742b38f79b52d89a96f674afe13ab059_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-26 03:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-26 03:16
Reported
2024-05-26 03:19
Platform
win7-20240221-en
Max time kernel
141s
Max time network
142s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "18" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e7f6fa69ea8a2c46983f0b8039276f9c000000000200000000001066000000010000200000004a57d827d90be88629fc8ff84def10d2dac24958a4713b37866de34d09b777c3000000000e8000000002000020000000c12bc42404eddf7bb10949782789e318412844689ea74fc81ed9d2df830447cb20000000913f1b49bbc651632099971d503fdba5f6e500bb13b4efbf2e9d22df5552f568400000009010d6fd5a7a184b89005ddaffd7b137f9d83ac7695e64da842c1fd861699c62245d1d39dda83af7a6b42ebb34f3ce5aad1475cde70c244426bcb6ddeda03005 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0820c391bafda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6117AB81-1B0E-11EF-B826-EA483E0BCDAF} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422855272" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com\ = "18" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e7f6fa69ea8a2c46983f0b8039276f9c00000000020000000000106600000001000020000000e0c97c9bf81e21063fadf3c09097a5f8c297098c6feb41c1a5886d64c5bfc5b4000000000e8000000002000020000000a9366132a7124f45ace0bbf0ae7deb99cbbf2f00ca1911a00e110e0fba1ae6d3900000000f2248a61abc15418277714b68b92ad0a91ca53cd11fbb78ffc92cd77935fb4051b45659310913ad2825b775a487e390237121df510cb3cf4f79429e32c67838a2d13834b1be62e2e4249a567d1c89b479df1b28442ef87b891ae7e5320451b4ce68a8441e213f859d54255fdf033cc6baba47d7afa27ef5092a1ff5556681f8517a0ed3215bd318cabea0ff082e1b1c4000000020e6d8ecd8928110b9d1f5728b5c0363ee2197af11fc50e9eea80d3dfbb623b452dae06953c594339211c2fe90b2c5cea0ab35ac4480b0b00a4c90bcdb9c9ae6 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2956 wrote to memory of 2144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2956 wrote to memory of 2144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2956 wrote to memory of 2144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2956 wrote to memory of 2144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\742b38f79b52d89a96f674afe13ab059_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2956 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | yourjavascript.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| GB | 172.217.169.2:80 | pagead2.googlesyndication.com | tcp |
| GB | 172.217.169.2:80 | pagead2.googlesyndication.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 142.250.180.1:80 | 3.bp.blogspot.com | tcp |
| GB | 142.250.180.1:80 | 3.bp.blogspot.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| US | 13.248.169.48:80 | yourjavascript.com | tcp |
| GB | 142.250.200.10:80 | ajax.googleapis.com | tcp |
| GB | 142.250.200.10:80 | ajax.googleapis.com | tcp |
| US | 13.248.169.48:80 | yourjavascript.com | tcp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| GB | 142.250.180.1:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.180.1:80 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| US | 104.22.75.171:80 | widgets.amung.us | tcp |
| US | 104.22.75.171:80 | widgets.amung.us | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 9de1ca6a9df6f18bed9b9b16edd7157e |
| SHA1 | c21796e3d593931bdabcc0b0a41525ba7df75ee8 |
| SHA256 | bc665ab9573d6eba464f2b4c84d2c8178f285183ac77b0fa32ce9de6c7a577c0 |
| SHA512 | 50709cacbf181826cd8373f4b553bba6fe1e29b7a81f722d2c0f7da321421cac8927903c9f86ac069b5a3a34ffc9f90c8f0dd13a9460a343e287698f43b3be26 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | dd3850d9ce5a33ba453ba4d1dfb4ba51 |
| SHA1 | df05b044dd14e7d009aad0398686bbfd6fff1491 |
| SHA256 | e9e041a83d7f3dbd6adfeda50b7ff9d3fd1abfcfb4fc5906d481c33db7072b85 |
| SHA512 | ec27ccc61d0133a76a612d5ddde2c6193f96302e17f66a75da8e1ad18ee871fe6b307e535317726449dc724331d4f48376d03201ad8d9dc2985aa0420d45b8e4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_02C4C6ED250727F9B08935C0A9565568
| MD5 | bbd8a22bce8e235ff71c32a1c69268bb |
| SHA1 | bf9d0b7346510ab10023a7432e1462dd8a314668 |
| SHA256 | 1cb9f8b414abb33992f9db36b33cc6de31155449b134b719c1ebd38a90f3aee3 |
| SHA512 | 31fd88f0a24bdc81ba3cd2a4a1ca61064bce259009f1ca10261adfb8ffa6ecb2c9776a136caff03670a4f8a3a6d87cb91e4f2409ca57be1a8deef80855f0e688 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\jquery.min[1].js
| MD5 | e85aed5c30d734f1e30646e030d7a817 |
| SHA1 | b8dcaa1c866905c0bdb0b70c8e564ff1c3fe27ad |
| SHA256 | 8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a |
| SHA512 | a5b7c4911b530b4b550838f50ceda9d9382d86aad7cb4ff13c897c269bc7ff350ccf01487534882f294749bc19f3398f0b338e1d8b03af3dba1ef382168ecc9e |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\f[1].txt
| MD5 | d8daa39564bacab698d7c3235c656522 |
| SHA1 | 8b134c2b099f0661c9db0c699a4cfa38c54e9b07 |
| SHA256 | 7631f893c05a2ce0a20f10ca2e658cf2c2c39af037f4659236d445e6607bbadd |
| SHA512 | 29b02d5bf6acdea08cfa3ffb4c215344d7908f0251df494ff4c0fd72d877f3edd07d140c115541bbaaffb0df9c59df3c2670d01e177886405f88e259b3b549dc |
C:\Users\Admin\AppData\Local\Temp\Cab281C.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\Local\Temp\Tar282E.tmp
| MD5 | 9c0c641c06238516f27941aa1166d427 |
| SHA1 | 64cd549fb8cf014fcd9312aa7a5b023847b6c977 |
| SHA256 | 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f |
| SHA512 | 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c7051f69beefc05cc54a46d434ff2885 |
| SHA1 | 9afbad049e5a948a49b947b20992c0ad7dcedd92 |
| SHA256 | 08a8bd2288aff907054a6ca004f566b7d2c729d2f4dd55d9d7170fbcd8221993 |
| SHA512 | 00f78af8e34db992b0da282425d4c5c71905ae58d9b28631ae44f6e7e8fcef809b6a9eacda9b8c24d60687136659221f5296145e2b4c5a9fe2c6857de65c0b25 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\platform_gapi.iframes.style.common[1].js
| MD5 | 7ef4bc18139bcdbdd14c5b58b0955a67 |
| SHA1 | afe44fd9a877f81a3c36f571c0fc934324c6cbd7 |
| SHA256 | 192bc707852c5986f930528442d88a79e5bcf4513aacc2b722a3c5e964501838 |
| SHA512 | 6c2920e80e4d5059588a32f75bc2b5dcc19f8d68224c0935d74f9fbf49476ca5b1ce43c279768f3d36871dfcec39f36db3fcad559c2f93cc540154cdbb04dec2 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\cb=gapi[1].js
| MD5 | 4d1bd282f5a3799d4e2880cf69af9269 |
| SHA1 | 2ede61be138a7beaa7d6214aa278479dce258adb |
| SHA256 | 5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693 |
| SHA512 | 615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349 |
C:\Users\Admin\AppData\Local\Temp\Tar292E.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b0a6d8fe5af1b3b22b13ea2ac5a5b693 |
| SHA1 | 4630324127662bf1119c2c4d27cab4a84ae658d6 |
| SHA256 | 43e2f2523ce0662b9e8e1b8887c6b570b9b8c4f772a5deb12fced13cb1ad7579 |
| SHA512 | fdec4e79d3a835e3b2866fe722ba93f8a650784ac36920f45ef4f86fe4ad4f369f8b802bf79d79026a8be5e304015126ce80501a29d0a40b8c604f7259c47783 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | da7783d5b7423515ab92313939b924f9 |
| SHA1 | 21c61ac9bf575f7d598a617e79d9692308721ef4 |
| SHA256 | da80ca2f9cc2717c9b71890c981dca06060fa50dc967d8c7ea444900e52b8031 |
| SHA512 | b48417c004a8eb65dcba12846f1a314ecb2500ab1500d38cedbd96373cc3eb0e27b2e66e76609650fab98e20c3f08fa3738d591bfd3aa70c171f661303072ef0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c88177dfd3ed2276d8754f9e03c650d6 |
| SHA1 | 2c2082199f4d801d552085fe530b913eba8bfc72 |
| SHA256 | 16a9f62c92079c662bffcffd883156715822691e3598839b2d00fdf06e708f9a |
| SHA512 | 43684f28957b17a19da157dc5f7e7a220d21fd813245b7ae1db26887793096b907ed09e6b307819b4e15706340e48d1b26265af823f6f8bed7453a8c0d472565 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c9e54ced423358c49af64a13d7c5312d |
| SHA1 | 75119cfe82294391b54cee9aa8f3a605e680e9d8 |
| SHA256 | b493b1f55d5582a448c90fe251fdc1a37cf5e0cd31775249f7d8310875e01b7f |
| SHA512 | d6a36b1e217ce549928506f86d42b8f4674614a5b4e68dbd93d4631956eee3cc52fd2159850aa7122c7c0bffc603f0dfec2f32fb5eda24a7f7dacf14bac20575 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 431a7e23fc3900324d8830e16a61de2c |
| SHA1 | 14ed41e625cd0bcac043eb6cb24ef51dbcd0e745 |
| SHA256 | 6a0bf5c591000b387cece63decdacfccca15b913e5b7d851a1fadf5b146a0cce |
| SHA512 | d94b9a983176be2795c7cf7a00d746a9d3511222cee237a750862313ccc92e459be5591f692c6e9f4a89da74c27f215596d23e7d1655c4854786c6a141b0d139 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0fe87469f6f1d967370cfd304875cc2f |
| SHA1 | b5544f7740f744748d82c0ee6d053cb848c1e426 |
| SHA256 | 87677d22ac81c6830f55ac7723f23a5300389bf120e5986756353101bbc41a49 |
| SHA512 | bd109ee0fe9e376f51c8c28756e0a192be3d566c324283414ab02eb8d9a64df25a014dc2a83fe0007b3a2e34878bd2f8f174b02ec79c7039556449e61f7df1af |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4f164f1931fa0e72bf379fd81bd94780 |
| SHA1 | 13fdbe61effc7248489f005188e5437861d01a78 |
| SHA256 | 47f8615945ff2c4330b1d0afdb448886a8e7e9461d77c81699e95e71570b4d92 |
| SHA512 | 44330b54328853dd3dca94137bded90da900618bd719ee328f6e1e41ccdb6d13d6feb886bd552efb62719ec6614baeec8d71cc4d1d311b777d215596cca1dd50 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d32932cae1d5aa7ac9ae8fef67a989e0 |
| SHA1 | 843ec3c77e4944e840898a6de1c0a619864bf8f1 |
| SHA256 | 4894e0fa69a44f4947d771712da5bd2a872538c779ffb40928da5696bb525ce8 |
| SHA512 | 0e956a3dcaab8978637d5324d6bc9ece6902fe073719c5e85e9d8d6f240e2bff22e51ad6fa69203fd62c2b512d345e24efceccf9183857e610afb3e44a27fd2e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8417327d585af6beaca6f9d4bf1eaeb2 |
| SHA1 | 7599309f5652230d587e1ecae1c8857d8cb6d236 |
| SHA256 | 3ace7d65e3d3d315c76c7b5553d2f1d402ea62c34e4eb8f1b2bf616e72bc0ce9 |
| SHA512 | 7d9a62d6b01da926038e9a1398210d94154e2b7a0acc8aca3a8addca230e1b007428e04b8f01bc6bccf6d843767d3d90c85f7d82ce5160e6dfc1bb45c3a3e782 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 534537c8d1703b7ee3344b30a41dfe7c |
| SHA1 | b8de5b256426fe1ea61ffcf235519e4484195fcc |
| SHA256 | 48afd6ee09d5b8428669fb23646dae12f1ac7512d35c5d31760f46d458eee8cc |
| SHA512 | 61017f4f04f3d103adbb6613cae6ddd93c3f9352d57fe8a7f17646d90e8ee44dd3ac58ab0b9c5c3bb31f062a044b56b5edae76d9ef67933e446a10a5abedeb9a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3018d9d74fc3ad9103859e603bc6263b |
| SHA1 | e8723a82ce73a2a7d00a1b2ebc3dd6b29c4d3652 |
| SHA256 | 119058703c149b94b183e1f944d503639a3c616703614e78a62732f039786b7e |
| SHA512 | ebf94a9becca45cb734eae134835d66a2a93d29aa908b4feb9dd63e41457f609c3adac6d7e1931df858baaf09e409781fce7d4a3379be717c5b943fdf8b4a382 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1dc4da06c60ee411a39dd2170a776f9c |
| SHA1 | 7ab4279e74b6ae39edd82a2f64555394a659af4d |
| SHA256 | 859e1ce1a9fa9e061d8dd7dd340ac49da41b5e81d689ea5f897eee0c76a36bd8 |
| SHA512 | 78f471d162201d5c3c719fc2f56477b408b9d4da4c442d0997aa8f28b185ba3c960395090765bbb16ce6e449d5b7ea1a7e94cffb7c744597e86f6f8598bd7230 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | de96c3f7dc6b698b84bc215edbce6f00 |
| SHA1 | 4429329616fb00fde34a503bb8a0046cc1400567 |
| SHA256 | 08f0b0a305bef61f0a550ed8d91b0e721fd8fdff0b44ecbc76335fb65f65152c |
| SHA512 | db49cd33508cdec33b8d01255122c2ef35df307dfd195815d475d4dc4fc3ab77333c07388aa42209e90dd61f8ca5100a0ecfeceb7c88e980a0d550de34317c57 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8dcf1114a370af3a664857d5d0f1bca6 |
| SHA1 | d29c0af932634a18e50f307ebb2c1f77b6aca359 |
| SHA256 | e327f341db50c006b30d7b9799dc3fddcb81ed807db44528a5c9cf84008df177 |
| SHA512 | ef3f5eca3679aa26b4508d63df71ef6ad80e9278a5549fe4189a7d29cd61d1ab236336e6a8a73f1a75b2bcc90fff5626999cb663b5853d6a6f569f092b204fa0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | be4c1fe10a1af31682e8136d5652b942 |
| SHA1 | e2d432a0f2a8e1cfb390e8426c6109381aaf43c7 |
| SHA256 | 8038f0d9cbd0b848a5369dbc2029011c28dad6f9515f4156f675f2472973af22 |
| SHA512 | 012fcf8d995e26f900af6d13333fabb797dbb82e8b58de842ec871f931c82e6de4d7e33d6021f5a7cc9a1e07c213e81c454be7ddb324d217b554e66ef06d4042 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bc50956fcc959a780018ceaf34be7395 |
| SHA1 | 837eab42277f2e2337329d0d8ef2df38f51a6360 |
| SHA256 | 0df6a59ab4833b4dce8018b0b9f8f35a839199b917a29359be1f3d24cead1efd |
| SHA512 | 856fd5d33deb5a8762ee2fb84ae498cf60ee0d5cc9cb829adaddf696a021c6ff7b1892d230cc84454461d95758e07facaac256ad9ebfc4506259f23460480597 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b1907faf38da4677c364b25111548ffb |
| SHA1 | 3205e0f7dce6f1661ad847e955eb139ba5e42464 |
| SHA256 | aa79c3308d630a03a0df84118095a56ea087bef1a128c2ff4153a9a8dd05314b |
| SHA512 | c2e8d71ee3511c7b3c533dcfcdbe8b3c926c4e0e79bf19bb8f9206bbb62c665d2c163d6c3ed1e174e6d83c92de844e1dafbbbf067297b047ea64187246196c54 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 99636d33cf7cfb38b1c0414d4b59cb70 |
| SHA1 | 246c3cb0f5810fe7a23a0d2f20c2b346c81d1819 |
| SHA256 | cc8ccdec8c206cb6fd8625b60ea0cd68b5276f31cc1bae469f71fb21688cf57d |
| SHA512 | 91bfde49ab35a874a544f097e982fbe93e1542cae2d725aafa508e62792bdb5b137a1017d901c1de229778090de690b7b0e6822d57f0e29ecef0dd84438fc00b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | edf9c7ca775b53585d639d6b68af94da |
| SHA1 | bf47a49835af53ee4c8de0dbddea89e8d7444b5c |
| SHA256 | 5d4045a94dbe0336d80bab7a13879cc548665e9e819529f32a31a64b67a6047b |
| SHA512 | c0efda78406742d29720e30f07d74d9c57a6b09701513f1352c2d27a7a48c6bb9dbaead5dc24b1c0c61234dc39b49ce6d6a3504546569de0bb9423ea4e0cfd48 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 260e227ba32100048066dae0a7379fe8 |
| SHA1 | d20a318d0f4ee7fded15dc583c89a8ac54861281 |
| SHA256 | 6518698acbbcc0a98839a7f87c6880d91b597074b3029538c54b149d27031148 |
| SHA512 | b19d354b639e63373e5242629690473b9e666fe673eefc14f904b15c6b0b570ffde909cb56d18943bd41d4a2879c4f8642904512e8adb9be037e7bd47ae135d8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a2b7d17deaa282b332e647e4795362c0 |
| SHA1 | eeb1be23508390e7272ee101c2f63bf92abae1ba |
| SHA256 | 452d9d275a9d4619110c2f8a023e599483dc6a467569e0edb73799c31a8c5fa0 |
| SHA512 | 74e191a126fb7ce808ac9e4d97d39283413a77e1324bbba12927eb4a69989d3d350e779a4408c916697c3fff5b961d97c2dae5a7e7dd137c2fb339807f49a0e3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 94f528844d9369284f3da1fe3b957e75 |
| SHA1 | 1488397754e1f77336d4e59d4db2c1e094e42285 |
| SHA256 | c5adbcf1e6097833edf99022607cd837bcc122ea6c8b9878c792d3f2a9214841 |
| SHA512 | f198eac396f60f2e1db923499e0c87b77b4987d53c9844791a0843b703af038113a07134bded3a4f66e32021daf09a17bc5f69e9ab075b6f39ad2e2f6a530aaf |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-26 03:16
Reported
2024-05-26 03:19
Platform
win10v2004-20240226-en
Max time kernel
140s
Max time network
150s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\742b38f79b52d89a96f674afe13ab059_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5256 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4940 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4604 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5608 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5832 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5436 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5548 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6176 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=5756 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4372 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6792 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | yourjavascript.com | udp |
| US | 8.8.8.8:53 | yourjavascript.com | udp |
| GB | 104.91.71.140:443 | bzib.nelreports.net | tcp |
| US | 13.248.169.48:80 | yourjavascript.com | tcp |
| GB | 142.250.200.10:80 | ajax.googleapis.com | tcp |
| GB | 142.250.200.10:80 | ajax.googleapis.com | tcp |
| GB | 142.250.178.9:443 | www.blogger.com | tcp |
| GB | 142.250.178.9:443 | www.blogger.com | tcp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| BE | 23.55.97.181:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.178.9:443 | www.blogger.com | udp |
| GB | 142.250.180.1:80 | 3.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | aquitatodo.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| GB | 142.250.180.1:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.169.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| GB | 163.70.151.35:445 | www.facebook.com | tcp |
| GB | 163.70.151.21:445 | connect.facebook.net | tcp |
| US | 104.22.75.171:443 | widgets.amung.us | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| GB | 142.250.178.9:443 | www.blogger.com | tcp |
| GB | 142.250.178.9:443 | www.blogger.com | tcp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.dtscout.com | udp |
| US | 8.8.8.8:53 | t.dtscout.com | udp |
| DE | 141.101.120.10:443 | t.dtscout.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.151.21:139 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | 10.120.101.141.in-addr.arpa | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.189.173.22:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 22.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| GB | 216.58.213.10:443 | chromewebstore.googleapis.com | tcp |
| GB | 142.250.200.34:445 | pagead2.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| GB | 172.217.169.2:139 | pagead2.googlesyndication.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | whos.amung.us | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 172.67.8.141:445 | whos.amung.us | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 104.22.74.171:445 | whos.amung.us | tcp |
| US | 104.22.75.171:445 | whos.amung.us | tcp |
| US | 8.8.8.8:53 | whos.amung.us | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ehqueunoehlindoo7.blogspot.com.es | udp |
| US | 8.8.8.8:53 | ehqueunoehlindoo7.blogspot.com.es | udp |
| GB | 142.250.200.1:80 | ehqueunoehlindoo7.blogspot.com.es | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ehqueunoehlindoo7.blogspot.com | udp |
| US | 8.8.8.8:53 | ehqueunoehlindoo7.blogspot.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.1:80 | ehqueunoehlindoo7.blogspot.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.201.50.20.in-addr.arpa | udp |