Analysis Overview
SHA256
199acc2ce225bb98e09960a9e38479c62c6d73030e67b0331faecc9ee307c960
Threat Level: No (potentially) malicious behavior was detected
The file 8fad386755a4698f16cd590383043a1f_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-02 22:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-02 22:36
Reported
2024-06-02 22:39
Platform
win7-20240508-en
Max time kernel
117s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60a4be723db5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000125433b263473ee3312dcd0d28ea113d71b7ae5d9ce9033f63dfd9e5a719b3af000000000e800000000200002000000054f2b1b59b0accec185fd0f707d75c7b635f0fe03238d0ee53c854d2816560e9200000007ed9208e41e74774ebd0e386caf9b81bea571ebf685529fd404ef3a80f778d0e40000000ab857ab62a068760d72eb4cf133c5c6186fcf9bb15cee6cd665e8bbce5873e46992e5195033a95900cbeac87004efd08965894f3ad7686664a648e6816a16780 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423529680" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9B91FEF1-2130-11EF-B8F6-D6B84878A518} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2984 wrote to memory of 3052 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2984 wrote to memory of 3052 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2984 wrote to memory of 3052 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2984 wrote to memory of 3052 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fad386755a4698f16cd590383043a1f_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-02 22:36
Reported
2024-06-02 22:39
Platform
win10v2004-20240508-en
Max time kernel
133s
Max time network
143s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8fad386755a4698f16cd590383043a1f_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4252,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=3828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3880,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=4904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5292,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=5312 /prefetch:1
Network