Malware Analysis Report

2025-08-10 21:24

Sample ID 240530-brfztshd2y
Target 82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118
SHA256 9ae8e220080ff981fc650d3627b6b9b371e7f38122926a68da87f408652c860a
Score 1/10

Analysis Overview

Threat Level: No (potentially) malicious behavior was detected

The file 82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-30 01:22

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-30 01:22

Reported

2024-05-30 01:25

Platform

win7-20240221-en

Max time kernel

150s

Max time network

147s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423194022" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{172925E1-1E23-11EF-A336-7EEA931DE775} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-30 01:22

Reported

2024-05-30 01:25

Platform

win10v2004-20240226-en

Max time kernel

148s

Max time network

152s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4076 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3952 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5576 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5528 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5984 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5952 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1

Network

US 192.0.78.12:443 abagond.wordpress.com tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 therealrapgame.com udp
US 8.8.8.8:53 therealrapgame.com udp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
US 8.8.8.8:53 109.7.22.104.in-addr.arpa udp
US 8.8.8.8:53 29.72.0.192.in-addr.arpa udp
US 8.8.8.8:53 189.67.223.76.in-addr.arpa udp
US 8.8.8.8:53 12.78.0.192.in-addr.arpa udp
US 8.8.8.8:53 66.220.184.93.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
N/A 224.0.0.251:5353 udp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
US 8.8.8.8:53 0.204.248.87.in-addr.arpa udp
GB 94.229.72.120:80 therealrapgame.com tcp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
GB 94.229.72.120:80 therealrapgame.com tcp
US 8.8.8.8:53 syndication.twitter.com udp
US 8.8.8.8:53 syndication.twitter.com udp
US 8.8.8.8:53 syndication.twitter.com udp
US 104.244.42.136:443 syndication.twitter.com tcp
US 104.244.42.136:443 syndication.twitter.com tcp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
PL 93.184.220.66:443 platform.twitter.com tcp
PL 93.184.220.66:443 platform.twitter.com tcp
PL 93.184.220.66:443 platform.twitter.com tcp
PL 93.184.220.66:443 platform.twitter.com tcp
PL 93.184.220.66:443 platform.twitter.com tcp
PL 93.184.220.66:443 platform.twitter.com tcp
US 8.8.8.8:53 136.42.244.104.in-addr.arpa udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 12.173.189.20.in-addr.arpa udp

Files

N/A