Analysis Overview
SHA256
b563b390391f9b98a77f8496dbddd6bacca557d449774282a3b6b079f4fa632f
Threat Level: No (potentially) malicious behavior was detected
The file 7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-28 20:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-28 20:24
Reported
2024-05-28 20:27
Platform
win7-20240221-en
Max time kernel
120s
Max time network
134s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 104209203db1da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{47D20A71-1D30-11EF-A1FB-E299A69EE862} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423089735" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000fe61a28b53d4e44bb48ee78193eb0905000000000200000000001066000000010000200000002ca47928abde8c1a5d0047fbbe6c54bf538575a2ca876062f9213070d345f8c7000000000e800000000200002000000028210a46dde2e84c1cf05b02b6d631acbd9c3e9285b9ce7f22b77f9ed211cbc520000000afe8b9fb7c07d891b804fed2d48ced474215ac65f54f80452930f9444d4e9f844000000014f33118aa513d6967cca44586cb0786c15242b73b3b29b1ca0d424505278ec52078305d195b0dfe4e501b80e1ff710580e059fde758b47b97f631d2809edcaf | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000fe61a28b53d4e44bb48ee78193eb0905000000000200000000001066000000010000200000000cd230d3830dce17e7cb0d80e098142815f57962c2aa98f46a454eb011e45b70000000000e800000000200002000000045ee4f932d416f0e11186170ff8ac1b13ea8d2f4e3bc30f8344fbfab6f56266990000000c19531577e6b886406eac29e398046936a1f955617f1d626c8ad8e493b3d193547a8face5a6443917cca86f4e2b8f56a3a1edd844e5bcdcad485e7f3452bb4c0ff3bd108f7d2505fc6991822d92d7b154e2f3ba3975fdd7d329a488cbc2f949db5560c909f16dd85f89e09ebb89c0a5f6ed602d323decfbdcf9f350a3737f516ca25d62357a94953389d89874b962254400000000bd56391b053c1d41c88ab8fccae4f1adbb15f8ff4fd32585b8926eb1774f18f2456372696d9cd02dd2fcd08860739c87bd0d5bceb3d1d11c263016abb667ddf | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2492 wrote to memory of 2944 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2492 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | consent.cmp.oath.com | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| GB | 87.248.114.11:443 | s.yimg.com | tcp |
| US | 152.195.53.200:443 | consent.cmp.oath.com | tcp |
| US | 8.8.8.8:53 | mbp.yimg.com | udp |
| GB | 87.248.114.11:443 | mbp.yimg.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | eb2608b246156451b3447374cc71c653 |
| SHA1 | e27dd63100c03e580dc0bb11f85a05c51e244be0 |
| SHA256 | 569c2606fb8e4a5b3aa6c4ad0868ace09a52f562a27fd95210de79fdf7737772 |
| SHA512 | adac6ce9f54e49ceaf545eb3990a74f06ea30d9dc15cff9c43491f46ea0741911e02918f9735ad0ed3f0b0d64d15bc6f87a5e9d5dcdad2785cb7169bff21636a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0856a0b51cb43869567ba47cb2806a91 |
| SHA1 | dac203cb8a7c2bb5c51b6205702df2f12b5011bd |
| SHA256 | a72c03c44e0393420f384e0b03df7bf263069ed98cc5144401e671ca37f9a79c |
| SHA512 | 0466f94115d391044983c0db05ee702b27cef22ae75d36e74cb846eb46864630c1ba03c49fc91978cfa8c745c70df083cbe3542af929621351db1fdeae6afe1f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 953a0048b1831247e66e6fc9de1029ec |
| SHA1 | 53fb405cf6e1650076b63eb2b58f78d8c40483d6 |
| SHA256 | bf6ab1c570fb2da0fb9c589373a073f91180c27ee462d8ac75fa1028c0d953a8 |
| SHA512 | 990d5b70fdb888972d8cbd47002bd0d1c9bdcf17f27d1b0bd7a2f18db205e9bee00ea70565e422296296c3befe10f07f429c84aac4021e7c012e91c32d15be24 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-28 20:24
Reported
2024-05-28 20:26
Platform
win10v2004-20240508-en
Max time kernel
134s
Max time network
142s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3756,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=4416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4028,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=1316,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5428,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5500 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5436,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5888,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5816,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5644 /prefetch:8
Network