Malware Analysis Report

2025-08-10 21:52

Sample ID 240526-dst9ysdf64
Target 742b38f79b52d89a96f674afe13ab059_JaffaCakes118
SHA256 13afbc07610360f1f69f2fb25c17b6ee90ca6e478ef383c323487792272b26b8
Tags
Score 1/10

Analysis Overview

Score 1/10
SHA256 13afbc07610360f1f69f2fb25c17b6ee90ca6e478ef383c323487792272b26b8

Threat Level: No (potentially) malicious behavior was detected

The file 742b38f79b52d89a96f674afe13ab059_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Analysis: static1

Detonation Overview

Reported 2024-05-26 03:16

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-05-26 03:16
Reported 2024-05-26 03:19
Platform win7-20240221-en
Max time kernel 141s
Max time network 142s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\742b38f79b52d89a96f674afe13ab059_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\742b38f79b52d89a96f674afe13ab059_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2956 CREDAT:275457 /prefetch:2

Network


Files

Analysis: behavioral2

Detonation Overview

Submitted 2024-05-26 03:16
Reported 2024-05-26 03:19
Platform win10v2004-20240226-en
Max time kernel 140s
Max time network 150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\742b38f79b52d89a96f674afe13ab059_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\742b38f79b52d89a96f674afe13ab059_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5256 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4940 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4604 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5608 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5832 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5436 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5548 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6176 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=5756 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4372 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6792 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8

Network

Files

N/A