Malware Analysis Report

2025-06-16 07:06

Sample ID 240602-bfqd5aea49
Target 8c67b9c505945acc2439908fd3d87a82_JaffaCakes118
SHA256 219d31e9d9a192e1549add3bad910614602347d6b9ab3294cd2c160086289ec1
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

219d31e9d9a192e1549add3bad910614602347d6b9ab3294cd2c160086289ec1

Threat Level: No (potentially) malicious behavior was detected

The file 8c67b9c505945acc2439908fd3d87a82_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-02 01:05

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-02 01:05

Reported

2024-06-02 01:07

Platform

win7-20240221-en

Max time kernel

120s

Max time network

128s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c67b9c505945acc2439908fd3d87a82_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423452195" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 4020ca0689b4da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{32425C11-207C-11EF-9387-E25BC60B6402} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000371cc6f24b44464b999d3e12b12374c2000000000200000000001066000000010000200000007e5153d2222e006a646bb55a7e2cf1cd9d5797a7e935467a8939bcf01f310db6000000000e80000000020000200000007fc598e57b085106d310f176cb0a78a6cacc59d7f7f7879ac40e8be5ecbe48799000000087112c2c0a44b796d4aea7ed4b9009a1d2a2aaa08ecd5e07d9920bc521a87d444bc4b1775ded73783a052f2035cadd3cb0112d0a91608f3fdd82b376378130af5f2d0eb553fbe6cedd7669df69216c4645c333a48e8d83bb40aee042c094b577023ff607916a63590ab78db3a7175f9fc65638e1096117864e3777a1a805b5e056e3df432f5a236a16ab35b637a4775440000000c5ea4cbadbaf4b8bf438f1b53652a041cf0589456d69ddc7f61180119e2a7adf324041b4a49597f03fdccad207273fb7bb646fdc1662b8b52d8d5cfe8bd30316 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000371cc6f24b44464b999d3e12b12374c2000000000200000000001066000000010000200000008f42ccbe7c88f1fc0f46ca6d465185ed7637b161f43741aa16a594d6dc84c9dc000000000e8000000002000020000000d5aead97873e7db07736ae93de00bb5f691eb283e501267fa29970a41c9a62042000000082275c29c7153985b3f880c739740e99b67db2a6ac4928569e45d42f15cd3f69400000005068b5d0a46c0cbe5a59cea420fb50faba527e4a1f161e72c0c48449edc03c090508832b039b1b5c0801a766d3372316183fcf3f2da0aa46c0541377419a6adf C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c67b9c505945acc2439908fd3d87a82_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1936 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp

Files

C:\Users\Admin\AppData\Local\Temp\Cab257E.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar269E.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e16de1ad4026317ee4032d0996d5f968
SHA1 45b99db914dfbf749cf17aa50d67448ff59ad548
SHA256 fcb709361e2d465d0089ee2f5f6d5ace6b4e7bf703d8129e853e16c7ea63973c
SHA512 7ddf8142e74e075ac75bbe10d061f5663792b7d9acf0e9848571a7096a4f25185b4fe1d9354c61a90dc24c6bc11acccc3f99d995c44d29eb2d560c93199b1bf9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d4d4a7a75ae89c8f456cfe9babc0474c
SHA1 4056ffdeaa47f8d601add7e09f127d00ef0a7368
SHA256 bbca1acbf7b592e1e3a792e7bc236a5517cd96e6872342bbd177979b18653603
SHA512 d64bee4137f98568a97ec6005b8a5b9c4b8e9635f5b700fac1abccba13beade0fb5848ab0382c906f88aead480b5bcd05b289e8e9b9d91c0e6a86e2fe23cd274

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 770e9bdd39fcf909cdcb7434a594f50d
SHA1 673ad61690b357a7175a3b09993e7a5831d7a545
SHA256 f7f7cfab0b6063f98d54b1bac439205c6144edf7d1e9e0fb2ebfc24e602667fe
SHA512 6289955bb639538ea2a1938376e996018f2d7e602b4fefa9161f619f53f611a976908dfd8726417d3374726b51fc6532624536c8d36ea9c212671139056844c3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f095ef1a222a597f769ca05f239a8f8f
SHA1 7fc9e5ff226acf5ca166e32a46357d2eda84a944
SHA256 0467679e8e139b853a0df0e6a4dc8f3267195770426b6943a661479be094d20d
SHA512 bfdb726a06d7f55375684cd2f29cc6a5c3aee6085772508e4d3c8dfb2990f53b187dc58a0c9e4eed316e1afdb37ed2ada26fa668f88211eea2b914f28697afb4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5aaeaa8b01e27f725090bde5e9550b78
SHA1 ce334c5c1e133325040e670550d73544a6820477
SHA256 d9adf48762002234a261a8845d89eaabda7e23281fadfbe12b056369a9d69996
SHA512 c73254c3878e91512eceeeff01fff53f52985e218f5531daa530dfbfc1e0cd9364067e928db72f85e5de5b684d36387c9faaf88264d3ff04d843b088e047f320

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 64db4261a2818b4c5eaacf81245f1c83
SHA1 f5f5f5710e8b2dfe6e5bc64cdaa8236805f2145c
SHA256 3ed0531b5e31b043bfe38d6c5218a42bc7f3e88fbd5bc960fc3126e1d7f8fc08
SHA512 e7493f0eab9293ac5f42a6171f280867b12616d5be7435465f461315111f5a8437d6749566a9e25aa9c824a61c903ce41acee96da98fa6c871f3f15384c6e2d9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ee05b1616ce85848139cf393a5ebff9a
SHA1 fa7c1152d0424f856c387489e260e1039c1cb484
SHA256 a7953a8cf767f89e35a13065a036647f6eec7775d13becd0a0ac33e7fb875521
SHA512 faae0fef43f09f3e19103836035b38b6c3832c06d4f1e3ec4a4499c1f0f4502000b1570153a3143e5b8bfc070e7d3aee318184152a1d548f7f67b9867ea9fd57

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cb63e878c86db53ff32f37324c1ba754
SHA1 45081828d06c99a197a5e73baa41e60e015ffd6d
SHA256 d1b6e1d359dac3c2b7bde5405b284387f685151435a8f3721c55305cbb1de3ad
SHA512 ecac2debd771b59d28a4607ee161675e74529057ed1b44a0d1c1d86f8bb4c3b66d60cf129300cb274cdbbe0cf5104ad7cb63728b5d900432e061315a2e392b79

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0b5d4f81bec1f19a0c5683a22aac42d3
SHA1 83be4e84328855dacee36147897047b7360d58ea
SHA256 6d1d53f9b7e3054344bcc4a6a4ca3d353a7513227602668185f3c017c8c86190
SHA512 b2201e9317450035f2b69863f2a2e3634dca360c7a659ee382de2b92cf22e3315e14fb7eece62eb3002cb4d217594ec2049692a62a4aab5f2e74db5744f286dc

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-02 01:05

Reported

2024-06-02 01:08

Platform

win10v2004-20240226-en

Max time kernel

144s

Max time network

156s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8c67b9c505945acc2439908fd3d87a82_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8c67b9c505945acc2439908fd3d87a82_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4928 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5048 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4860 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5552 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5776 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4992 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 13.107.6.158:443 business.bing.com tcp
GB 51.140.242.104:443 nav-edge.smartscreen.microsoft.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 2.17.251.4:443 bzib.nelreports.net tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
BE 23.55.97.181:443 www.microsoft.com tcp
US 8.8.8.8:53 cdn-adef.akamaized.net udp
US 8.8.8.8:53 cdn-adef.akamaized.net udp
US 8.8.8.8:53 4.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 164.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 181.97.55.23.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 cdn-adef.akamaized.net udp
US 2.17.251.32:443 cdn-adef.akamaized.net tcp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 32.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 74.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 20.42.65.92:443 nw-umwatson.events.data.microsoft.com tcp
US 8.8.8.8:53 92.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 172.217.169.42:443 chromewebstore.googleapis.com tcp
GB 172.217.169.42:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 144.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 208.143.182.52.in-addr.arpa udp

Files

N/A