Analysis Overview
SHA256
814c72dd25d78bbfe15c86eb6f4ea581284005ad21a411db2b8851e980c00e21
Threat Level: No (potentially) malicious behavior was detected
The file 7ffc757222974a80cad092bfac8af168_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-29 07:45
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-29 07:45
Reported
2024-05-29 07:48
Platform
win7-20240508-en
Max time kernel
121s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10864" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "11074" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10858" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19189" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10864" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9787" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9787" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "19189" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{78A978E1-1D8F-11EF-B0DE-E64BF8A7A69F} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "29350" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "11068" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9781" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10858" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19271" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10976" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "11068" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8524" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9699" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "29350" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10976" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10953" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8524" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "11068" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9787" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f02ad26f9cb1da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9781" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10976" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9699" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000009bf044c742d1534d8b99f41a63884921e2dc749a21b60314c5499c45b298bdcf000000000e8000000002000020000000cbd5f73acd9681147dbf12cf43c8aae5043fbff946985cfea8f9f08d86784d4820000000933e09f5df9e5590274f7c230b1fcc4abb1ed312d2cbbd1e6bb2f7debdf855ff400000009e0cbe6f191b5d3b2ca270844aa937c216b3f3298fa6f2c5f34309c44cfcca6754742901f2389fdeeb9f8b0e197b75772a9d95000109040e98b712a8a6b18eea | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1928 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1928 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1928 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1928 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7ffc757222974a80cad092bfac8af168_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2
Network
Files
| MD5 | 9e4027380f9d3da8c692ea1512eea7a0 |
| SHA1 | 0b303be39fac699fb130a632405bcc9065be7474 |
| SHA256 | 5344c739dcab467663925f9312be240cef33f15c99b03bcb43d297a177f0c272 |
| SHA512 | 80d19f779001c24d0c1be662341106323252017a6090a8ff1805e5eabcd51b707b778a91c8dd8630884d7e6dd98bef60d56453a83120eb5cccd11bc08f997097 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | a174066f8d15e44e60cdcc3a34589136 |
| SHA1 | 00e054064ec6d6b906aad339425b96800219757a |
| SHA256 | 5eb3dfd0c502172b18ae0303025974f02a559328fa0e8cc022495638376fb84b |
| SHA512 | b1bb3eb0ae17d5615cb7176a63e69544714e42bd8585b13a2eb2c46f3fdd64166d28b2ddeb19655e1e673232c139c0961cd11db6cbc11c22518b2a7d2df2b17f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | 127f66fb0cedbc343d4dc076e748725d |
| SHA1 | 554a562150fb311fa54f7f81181bd802b6bb254b |
| SHA256 | 282e566c7d4b2ce54f58402a9c5bf6df0947ba8eff5a07c00253b7d7f8d1f157 |
| SHA512 | 6c792b400cf837f7bf775c34c80fa172ce7615ebdaaa01b3bf6916a5fccb216a0d2c146b5e7dbb4e17d9b3f0920e1c612df472dabb4fe70b0afe7c14cfe3d85b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | 273535bef27a338064538e92d9cf591d |
| SHA1 | 325ccbdbcf8da698e3aadbd5d95c680e0a75ca9f |
| SHA256 | 6539afcb81f42b55c94f86f8d02ea3c830abdd7847589db6145b0008118dd656 |
| SHA512 | 114dc848c1216caa56325f41f540620b36f3b27c02d37298ff0914702e7109c58e854816643e947f9f5e92c837412910edc05892cb1547e7920305d5675c8e43 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0895f83ab79503a3d13637dbd82470ed |
| SHA1 | 05f1a645f4d0e6a03d6fb92a46cee4e2c357a58c |
| SHA256 | 51b457ac87859113478c1d585ab26f8fcb995888b591d146942984adfcad8194 |
| SHA512 | 95ac438bd1447c505ad56db304efd3bd1fa41f0d9003f706fa5cf0be28ffc88f4e3786473f43c46775cf9fa4823df63c203a74b1a392e8e1d46d4cfa029a0cde |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6dcf24c4d98631a3d193f43170f7e5a7 |
| SHA1 | 62da8a66bfad37c8fa4ddab4ab3fb8c1a1ef8a90 |
| SHA256 | 66d1863be4bf776eef83347ecb213e5990398094136127f46f545cc103b51edc |
| SHA512 | 0aeeb5b45f61ebf984a6c0f4da2b6475059afa2e507781769403419d755661c6424ba3f188a3a1903aa8beb0acc83e4cc7e4ede1419d8eff450767cfe2a0fd39 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a515b312028aa316ef597d3a31d758d5 |
| SHA1 | 566df5aa884519b7936f09167b8fde032c919219 |
| SHA256 | c1f0b6875ed3030d8d340a0c67cc78a6d021ddf2776df2fa836480da573f7d6e |
| SHA512 | 4b0d0f0d4684329251445c2c4383d2cbf8799423d07bbc92049309557dfe70cdb0960c1d5d222188e4fdfe491f9a0c879828feb1f61056adc4835f45c8b97ada |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | eb8ae9cc51a7cc575625e7ab56084269 |
| SHA1 | f3635843a94cffce08a687726f16179e6e8ea8a6 |
| SHA256 | fc1bb82d997bf44b1577c89a33af9b280469298ae37a308d2a64e4a0b1017843 |
| SHA512 | a9a28fd8dc06fc5f5f0cb876f0e3e9c0e955f2f8dd526289fd6a3c08af64c5c1a273c72971fd6596cf267f613ebdc8cf06c0f985f0e176f2b6cec5ed07e39d44 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8a0f34ef54d1c0c66f02b734bbb70e0d |
| SHA1 | 6534300ed08dbf76d72319ec3150870fff9cb9f4 |
| SHA256 | f87a50959b34b9a5eefdf6ac90978ae74202357df9481deb892a5cdb44f9feb4 |
| SHA512 | b545bc7140b9c93eb47c4e34a6e6ef23dc1ab28bac69507b59319fb731bf6307a2fbf18c4f4d76cf1d146241a2548bf59168ac1afb8ddd9a599ab18531e72159 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 19dabb9840a0b33ee512e49cfaf9ee36 |
| SHA1 | 4af8e4c49d6441f80ed8398c74e2646d00f11d49 |
| SHA256 | a33177589d6bbaf5fd7875ad41252b862cd1b4e8d03b87eaa2397cab8364da55 |
| SHA512 | fa24d6c6fb01f57ff2856eeff69bbee42df104d4494e518dd694c952b5f1876b50dcae8f61acd9fffa7371ba9bb305f15c4091889b5a3e9b36460bae0ed2e393 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 58102c37b3b67f805ab45864dc8f72d2 |
| SHA1 | bbdaf09f3cda6dde44c2070250efa7817938455f |
| SHA256 | 715161ab18a8aed657762a8e0f48209e7091b5a319b5dc307483f50dba8538a2 |
| SHA512 | 2c7f76410023ca1135cc5bfc08a5af68ce902b1a03dd7848d9daa2ba9e1a59934e4475afce4cf2c7a0373d510ad51dd5959259af01d16d7ccb95ad769b22646c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4ce3cf2fc033bdb2b6d277aa6c1fd766 |
| SHA1 | b533542c7a71ea2c727bc6c7c46081255e7a84a0 |
| SHA256 | fe60c5912c658ae7c4e91dfa34be9b7240f849914d78b3945a88563825f19684 |
| SHA512 | 4a63f5c16316533685532f4ff2489ea3c54a9149e8e395bf5e1795c39921957461544fc8e8ce3231de260503a4bcd8041418d5fc2dd401fb4b97c93c6b7c576b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b01e388ee40a9ae60b5cbad708f828a3 |
| SHA1 | 47446926eed96361b011ecb645a8336ca956c6e8 |
| SHA256 | 34b29e256fb6391875cf331c6873ca8f184fc999aa6a3237f0b83e849eeda13b |
| SHA512 | 440403db4f241939328b917c0b1047ee933c2ddc1a2c23c819612de34e95c2f3ca670251762040f7f749d67127fb3df7a3f74c114cb459a24ea260bec73c7722 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bae9064cb98d6e66222e6e1a16cf5265 |
| SHA1 | 53e95a8e075781c44dc51a40163f1ca63547d38b |
| SHA256 | 75d2036bdd419751d493e876fd91e9e4d2761b71a13bbcc0cddb47f6c5bbb98d |
| SHA512 | ee7a479f19f1c90d5ff3242c06f500f801361e4a4058df4881dcc6cf3d4cc3974011516abd235909c14d9af3445463c5fd552dca7b86402725f9036bcf439de0 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | bd616b9af0bbca3def99dd2a8fb8c3f5 |
| SHA1 | c4ca838e237ee270328d3f7b4436d2ad485d2f0e |
| SHA256 | ddd1c3141f804473aa9a66bd8b5c5aca8d5e99c590b799bbd3db3393269f2932 |
| SHA512 | 7fd310de91188b06b9c9ad8a0b5c12de6863bec1d7f801e051be75fbafa7afdc18d95584a643514ac97d1f9536612a902c952755e7cad2206791a10c3349d02d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | 5ea2d2ae44e2a149ad40b1bb3e261bd3 |
| SHA1 | f14d3824feb3cd8b6c57e24207c99ec54aca484c |
| SHA256 | df31bfd575d0eddc4b07ffa8c0c13bd1cfb63a5a850f597d968a562d5241eb54 |
| SHA512 | e74aa36febd5933b976bfbc83280f47aeb57d67727f7f0a9495e1ad3080b9a016f6efa389d063f4ef1231ee01b5eacf41779d98a11646d768d2af9d09f3c388b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | 7ec0714b94cba68bbd0ddd56eea0c4f9 |
| SHA1 | c96520fdf47653efac6d15518d7bdc3046dbb643 |
| SHA256 | b221e6aec0d39e5c9c5fba1092013b03b0768d0186aa4677ca4fbad60e49ddf2 |
| SHA512 | 36bb084e9a6fba97488fe4f69e262d43692c2fbe8c5a3c2afa23675665e7e3f96c5db6d444ffedef0a650a50d40fa55f80dc7491823deba8c67cc8b1ceaef607 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 095cf06874e6c422c66370a352395b75 |
| SHA1 | 6bf1e678c32f2e3fe931e6b7d04da8a4cc710b8b |
| SHA256 | cbcbd1ea2590b9548b86d1e61f63f8b24b1e9f85e80945517cac260fe1799604 |
| SHA512 | 4891da2bc1f90ab67d96c3e05d35180c8df80d4a6557ed2ae0a33c0ff47fbd77e0e4ed35399fa6dbe7638cc036a8a2a4526de0e5eb00fdb20ed3d5b403d1fdc2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5e5c1a2abe2177469cb6176436019a08 |
| SHA1 | 859b9e683125abce4df74136b14ae27ecbb8d99e |
| SHA256 | 53521f4d5d8fc499140e87dc06bc9b1f510174902746f06ae040fc62c2db84e1 |
| SHA512 | 4123fd549b4b2d9dff46a5f91f1d0530ab1b8e0e47e417e1ec5950c55b586c0ce038bfa0e092737b741f0d919abaaba388a054e8cde03518f77b89868189d6b2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7c18d87966c54fc14f5c6852ecc8c961 |
| SHA1 | 7234007f7367f76bcd84c18e57a6b41b5f534058 |
| SHA256 | 92a25fcbe1c28eaaf0b295b97235c019a5eb1172572dca53f5d4875b9aa5062f |
| SHA512 | 4bbfae3746404dc6834d984883619755ba9432bcfabf89a0b2a3c3445711e8010c38c4839cf249b2338fe0b867ef39e486b303ddf6e2553a6df13e6a15507329 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2b3135745c9e8d71e7f84421b2cf455d |
| SHA1 | 06b194f116460ffb69106c3c1d90c70e0fe97466 |
| SHA256 | 532021a8eaf841621b0218ff55f7ef7ac1ba172b1282e2a4fa794453ed96a93b |
| SHA512 | a1195ffcc9d9bcebb0936b92fec3ce75143070ac28131f7acbebead30198e1f9c3b42e3759b4384888490a2b6ad700441fbe558b29e7d91b0958d60aaa612d65 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | ce2e12bf3f1cb3980893391604e471fb |
| SHA1 | 32ad4f9606c1813481f6c9feaa7b0deb4ff1a560 |
| SHA256 | 442c699c6596a659280368eee9083a292de6f967501dacda0ceff34acf5ae72b |
| SHA512 | 6a011904ee4a666abef5a6f0903728ad6d2de27defc3c3f3dc83ff3357471048c0f1f7c3166f49f089f749d68e1a4b7d55959b95360f7e7b2eeeb663c88006f9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c329fcef0c306b5082a2257f3bd579de |
| SHA1 | 61fefbcb2c35155c957e43b64ac9c6616dd97c92 |
| SHA256 | 2e560fbefec590107bfa2161563c58c1126dcbf3ca4c3eef1cd1e1866b136ea5 |
| SHA512 | 7c16346cea176aa82bee2ca51a9430386eadc5298d0fa9c644022c64826ccd10f167b77b5ef8d6e089768c1844cd5444f7e086b18705c752c0b266c19a178c50 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fda06400da5e793dd16817f03cf71b42 |
| SHA1 | d204a8aa25dcc5333f6a4c08e83d3837cc542a8e |
| SHA256 | 7a11ee91d622c3c8781fe369872e3d835423f591892be35f50b3c5d8013332be |
| SHA512 | b81c484e2d790ed1e68cfd8b12a95362c31e02bc70601963a15a298ce75c877c70b8f65f966630b60f59f3c98125af58c6a35b678e5001e15291945501cef809 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bd4d606d6bb9af988add1ebf5c1e1425 |
| SHA1 | 105531865c7e4bffae435f97919dcef0da5b4289 |
| SHA256 | 664b5edbc31fcbf4fdd12e271078c1d784b99ccf9a9bcae5c50c59d757f89902 |
| SHA512 | 41e435e161ba95fd5041e3f64cfea4f9fe59ee031d75d627cce2604ab848b954ca35d2f1c96d04d515ea6855da0a650652911029dff552cc5c07db1b964b7fa7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 98cbc9acc8a68aa8afeb3640e4b6d437 |
| SHA1 | 1fe6f9b9c19c9f68cb22d94df2fc433247a9417f |
| SHA256 | 9535bda56ccba679ee29a2145bc23b71c26f6eb9e740ee98ee9efd419a938396 |
| SHA512 | f8476a2a97e6f5b82dadc2da438e2c9a2067cac665e80e2661656959bbb03f59ec4b63041b0051b9070f68d99e313a988b14e1585ed854e83daab4bf9e3edf0e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 39e09ef304fd576a86addb7b08d62f1d |
| SHA1 | cac7ebd5019ee84564ec1abd4d3f5ea0e8c399b3 |
| SHA256 | 7b1df636a4985c2359a10a09ce8f1f6f9587760d25e9a702417a3ff20cfc0f5f |
| SHA512 | 5c2930d3b51f13b37831dfbb8909e22ab14df6b20e69c693565ff7c0768f23e551bd1d84bf7bc8371a8c6d62299a504032fd32a17b4a7327c3ca46e1f680849b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 43a8162dc468815b440111eeea55a6e1 |
| SHA1 | e0331dafdd8ce050ad2ab82546f98736b21b933c |
| SHA256 | fbd71f6284db4ff210af5305af2e5716d39ecf6c918d544cf82652a4b4b9211e |
| SHA512 | 1078c020c041a110a7f8c3b9baed9ad22d4e0cbfc2b6f082afffebc0d94a33799f753337006fdfdb6a153ee0ba2c957d0b8fbfb46c826a8311c8f8273d93e18c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | d23b50f5485e42032679554fae8a1c39 |
| SHA1 | 8bf4cf11b29284487ed2c7b7cde766c562ed3232 |
| SHA256 | b257c15f0cad5480c5323f14089c145fe0697b304507e64bc6a553d7b67d25ac |
| SHA512 | 82518558a0b2f6085cd537c1857bbf0ff9095b4bf5875a52281797452c5a6eadaf0a1013c0ce7df555b0e7b32b3b4443d2017de99186493a8a8d5c99cde2f53d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | f7ba294ea5623ca1b0fd03cb7ca7fe3e |
| SHA1 | 77fc98eb563ce53cfd3ff3eb45812eb1b8022e29 |
| SHA256 | 1115963553e2237660844f7b4c4729b86bb02b73bfba8820eac2f11824de9b4d |
| SHA512 | b8ac0d45cef6f4daf8b1c414bd876191e14bdeb28bef29655b7c8fcaa62eebd541be8deb3118ccc26277e847128dc42f004c6575d98164a763d085bb35a773f9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\36UGP5AX\www.youtube[1].xml
| MD5 | 5700deb36cd49bed7ab54a64b256724f |
| SHA1 | f898dcd2cc746ea899897db59faa2e18c916835e |
| SHA256 | afba4e37aa105a7e62ccc0a1f2a174237f8a8901208231af6b1ae67f4241c026 |
| SHA512 | a5218166c6b963714ff2abccbd5b50590e3812016a4337ed2adc325cb270c032456268b5a19abc0243a9d0bfca82ff7b43c840ceb6add3df6ee9b2640ac27774 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-29 07:45
Reported
2024-05-29 07:48
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7ffc757222974a80cad092bfac8af168_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9903a46f8,0x7ff9903a4708,0x7ff9903a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2268 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2256,17394423260992999238,7616750119265172375,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
Network
Files
| SHA256 | bfb34d1bb6152a5b70dadc8d840d04e5217afa3ff6103f0923f2f210b2eeb64c |
| SHA512 | 671e4ef3fa3b462e629e9f14d64905a36de1391afe4c65d778a4867a22581467f548c1aaff1fb4313db9644ed52e98e37d93d74ed5561d085731ecd8faf6bf85 |
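Two things in the dropped-file listing above matter when lifting it into indicators. The named pipe `\??\pipe\LOCAL\crashpad_920_FVIVSVQLWEZXGWBD` carries the MD5, SHA1, SHA256 and SHA512 digests of zero-length input, so its hashes identify nothing and must not be used as IOCs. Several paths (`Default\Preferences`, `Default\Network Persistent State`) appear twice with different hashes: the sandbox captured the same file at two points during the run, and both versions are legitimate artifacts rather than duplicates to collapse. The parser below is an added example, not code from the sandbox or the report's generator; it consumes the flattened "path line followed by `| ALGO | hex |` rows" layout, flags empty-input digests and truncated or missing digests, groups versions by path, and returns the SHA256 set that is actually safe to pivot on. `SAMPLE` is constructed from rows in the listing above plus one deliberately truncated `Local State` entry to exercise the malformed-hash check.

```python
import hashlib
import re
from dataclasses import dataclass, field

# Expected hex-digest lengths for the four algorithms the report lists.
DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Digests of zero-length input, computed rather than hard-coded. A dropped
# "file" carrying exactly these has no content (empty file or a named pipe).
EMPTY_DIGEST = {algo: getattr(hashlib, algo.lower())(b"").hexdigest() for algo in DIGEST_LEN}

# One key/value row of the flattened table, e.g. "| SHA256 | e3b0c4... |".
ROW = re.compile(r"^\|\s*(MD5|SHA1|SHA256|SHA512)\s*\|\s*([0-9A-Fa-f]+)\s*\|$")


@dataclass
class DroppedFile:
    path: str
    hashes: dict = field(default_factory=dict)

    def is_empty(self) -> bool:
        """True when every listed digest equals the digest of b''."""
        return all(self.hashes.get(a) == d for a, d in EMPTY_DIGEST.items())

    def malformed(self) -> list:
        """Algorithms whose digest is missing or not the right length of hex."""
        return [a for a, n in DIGEST_LEN.items()
                if not re.fullmatch(r"[0-9a-f]{%d}" % n, self.hashes.get(a, ""))]


def parse_dropped_files(text: str) -> list:
    """Parse 'path line, then | ALGO | hex | rows' into DroppedFile records."""
    files, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ROW.match(line)
        if m is None:                      # any non-row line starts a new file
            current = DroppedFile(path=line)
            files.append(current)
            continue
        if current is None:                # rows before any path: name cut off upstream
            current = DroppedFile(path="<unknown>")
            files.append(current)
        current.hashes[m.group(1)] = m.group(2).lower()
    return files


def triage(files: list) -> dict:
    """Separate usable indicators from empty, damaged and multi-version entries."""
    by_path = {}
    for f in files:
        by_path.setdefault(f.path, []).append(f)
    return {
        "empty": [f.path for f in files if f.is_empty()],
        "malformed": {f.path: f.malformed() for f in files if f.malformed()},
        # same path captured more than once: keep every version's SHA256
        "multi_version": {p: [v.hashes.get("SHA256") for v in vs]
                          for p, vs in by_path.items() if len(vs) > 1},
        "pivot_sha256": sorted({f.hashes["SHA256"] for f in files
                                if not f.is_empty() and not f.malformed()}),
    }


# Constructed sample: rows taken from the listing above, plus a deliberately
# truncated SHA256 (and missing SHA512) on the final entry.
SAMPLE = r"""
\??\pipe\LOCAL\crashpad_920_FVIVSVQLWEZXGWBD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 32ffb3713c81bc26133e1d4f1b36db2d |
| SHA1 | aad9c269c7677215543aef1ec68f4cbe7bb5610c |
| SHA256 | 4ac656abc028da596fcf316053392fb469a39781ff7c32d0e6ee3a428eab6c27 |
| SHA512 | 801241b85ab45a21e019de80e7311d2ff795211d9325a464bbd487bd4cf93fd42f07df7ce1169a247a6ad23984efe85d06174fc85e0aec51d7e2c3effc20e068 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 90929ac762c9c628e4de3836c473fdbe |
| SHA1 | b90310dade6d448bba52cc4559f52c9756c590f2 |
| SHA256 | 14d272d46836a020699cede8cb81420e1403abf65d9cd3957c934ac7760b1210 |
| SHA512 | 4d54dadcef5b46fc79f045ab64e0423ca9be1dca84abe823e45b66b6645d9439075a659568b14e8e23cf2dac385eca5d8a4e58273d9ea8e2c9b6a43a54c0d7e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a448c6e450cd06a4fdab86eb5019dfc1 |
| SHA1 | c41b49b42988a9c53ec1a6edb6c5b610841a1a39 |
| SHA256 | a32d0225923eab846d253db6bf7a1a4ddcb04600e64718a6f2f8213 |
"""

if __name__ == "__main__":
    for key, value in triage(parse_dropped_files(SAMPLE)).items():
        print(key, value)
```

Only `pivot_sha256` should feed a blocklist or a retro-hunt; the `multi_version` entries are worth diffing against each other (a changed `Preferences` file is where browser policy or extension tampering would show up), and anything under `malformed` needs to be re-read from the original report before it is trusted.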