Malware Analysis Report

2025-08-10 21:31

Sample ID 240528-y6vg4aah4w
Target 7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118
SHA256 b563b390391f9b98a77f8496dbddd6bacca557d449774282a3b6b079f4fa632f
Tags
score
1/10

Analysis Overview

score
1/10

SHA256

b563b390391f9b98a77f8496dbddd6bacca557d449774282a3b6b079f4fa632f

Threat Level: No (potentially) malicious behavior was detected

The file 7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-28 20:24

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-28 20:24

Reported

2024-05-28 20:27

Platform

win7-20240221-en

Max time kernel

120s

Max time network

134s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 104209203db1da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{47D20A71-1D30-11EF-A1FB-E299A69EE862} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423089735" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000fe61a28b53d4e44bb48ee78193eb0905000000000200000000001066000000010000200000002ca47928abde8c1a5d0047fbbe6c54bf538575a2ca876062f9213070d345f8c7000000000e800000000200002000000028210a46dde2e84c1cf05b02b6d631acbd9c3e9285b9ce7f22b77f9ed211cbc520000000afe8b9fb7c07d891b804fed2d48ced474215ac65f54f80452930f9444d4e9f844000000014f33118aa513d6967cca44586cb0786c15242b73b3b29b1ca0d424505278ec52078305d195b0dfe4e501b80e1ff710580e059fde758b47b97f631d2809edcaf C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2492 CREDAT:275457 /prefetch:2

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-28 20:24

Reported

2024-05-28 20:26

Platform

win10v2004-20240508-en

Max time kernel

134s

Max time network

142s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7e48667be09b085b2b65d8b6248a1ca9_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3756,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=4416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4028,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=1316,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5428,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5500 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5436,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5888,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=6056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5816,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5644 /prefetch:8

Network

Country Destination Domain Proto

Files

N/A