Analysis Overview
SHA256
9ae8e220080ff981fc650d3627b6b9b371e7f38122926a68da87f408652c860a
Threat Level: No (potentially) malicious behavior was detected
Verdict for the file 82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-30 01:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-30 01:22
Reported
2024-05-30 01:25
Platform
win7-20240221-en
Max time kernel
150s
Max time network
147s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423194022" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{172925E1-1E23-11EF-A336-7EEA931DE775} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2248 wrote to memory of 1940 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2248 wrote to memory of 1940 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2248 wrote to memory of 1940 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2248 wrote to memory of 1940 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-30 01:22
Reported
2024-05-30 01:25
Platform
win10v2004-20240226-en
Max time kernel
148s
Max time network
152s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\82a2d5bfb6890887c4ef9732391e5d2f_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4076 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3952 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5576 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5528 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5984 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5952 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:1
Network
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| US | 8.8.8.8:53 | 120.72.229.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.42.65.92:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 92.65.42.20.in-addr.arpa | udp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 96.16.110.114:80 | tcp | |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.142.211.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 13.107.253.64:443 | tcp | |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 172.217.169.74:443 | tcp | |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | www.therealrapgame.com | tcp |
| US | 8.8.8.8:53 | abagond.files.wordpress.com | udp |
| US | 8.8.8.8:53 | abagond.files.wordpress.com | udp |
| US | 8.8.8.8:53 | widgets.twimg.com | udp |
| US | 8.8.8.8:53 | widgets.twimg.com | udp |
| US | 8.8.8.8:53 | www.vladtv.com | udp |
| US | 8.8.8.8:53 | www.vladtv.com | udp |
| US | 8.8.8.8:53 | badge.facebook.com | udp |
| US | 8.8.8.8:53 | badge.facebook.com | udp |
| US | 8.8.8.8:53 | ads.safesellerz.com | udp |
| US | 8.8.8.8:53 | ads.safesellerz.com | udp |
| US | 8.8.8.8:53 | widgets.twimg.com | udp |
| US | 192.0.72.28:80 | abagond.files.wordpress.com | tcp |
| GB | 163.70.151.23:80 | badge.facebook.com | tcp |
| US | 8.8.8.8:53 | ads.safesellerz.com | udp |
| US | 8.8.8.8:53 | bitpay.com | udp |
| US | 8.8.8.8:53 | bitpay.com | udp |
| US | 104.18.78.118:443 | bitpay.com | tcp |
| US | 8.8.8.8:53 | www.vladtv.com | udp |
| US | 8.8.8.8:53 | www.vladtv.com | udp |
| US | 8.8.8.8:53 | abagond.files.wordpress.com | udp |
| US | 8.8.8.8:53 | abagond.files.wordpress.com | udp |
| US | 8.8.8.8:53 | badge.facebook.com | udp |
| US | 8.8.8.8:53 | badge.facebook.com | udp |
| US | 8.8.8.8:53 | ads.safesellerz.com | udp |
| US | 8.8.8.8:53 | ads.safesellerz.com | udp |
| US | 104.22.7.109:443 | www.vladtv.com | tcp |
| GB | 163.70.151.23:443 | badge.facebook.com | udp |
| US | 192.0.72.29:443 | abagond.files.wordpress.com | tcp |
| GB | 163.70.151.23:443 | badge.facebook.com | tcp |
| US | 8.8.8.8:53 | 28.72.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.quick-counter.net | udp |
| US | 8.8.8.8:53 | www.quick-counter.net | udp |
| US | 8.8.8.8:53 | 23.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.78.18.104.in-addr.arpa | udp |
| US | 76.223.67.189:80 | www.quick-counter.net | tcp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | ads.safesellerz.com | udp |
| US | 8.8.8.8:53 | ads.safesellerz.com | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | abagond.wordpress.com | udp |
| US | 8.8.8.8:53 | abagond.wordpress.com | udp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| US | 192.0.78.12:443 | abagond.wordpress.com | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | therealrapgame.com | udp |
| US | 8.8.8.8:53 | therealrapgame.com | udp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| US | 8.8.8.8:53 | 109.7.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.72.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.67.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.78.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| GB | 94.229.72.120:80 | therealrapgame.com | tcp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 104.244.42.136:443 | syndication.twitter.com | tcp |
| US | 104.244.42.136:443 | syndication.twitter.com | tcp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| US | 8.8.8.8:53 | 136.42.244.104.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.173.189.20.in-addr.arpa | udp |