Analysis Overview
SHA256
ecc5ee4f2a184eff9b2e5db5a42e72512efc4f4fb01342c8e68e7fc406afead5
Threat Level: No (potentially) malicious behavior was detected
Verdict for 8ced791663c0d8235a92c2fbb0988957_JaffaCakes118: no (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-02 04:47
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-02 04:47
Reported
2024-06-02 04:50
Platform
win7-20240220-en
Max time kernel
149s
Max time network
140s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000c605c7647af81548951480c3fec3ee0e0000000002000000000010660000000100002000000094dfbe50c196e6eca70e573e76c26f03dea2cc11be838e790cfec41215f0d866000000000e800000000200002000000098e1b75838758e7ff87dabc7d7abf13da57f41da2f3645fe6562dd937ad0e1c82000000004dcf678cb7da5c341bb377e6ad949166a3bd654252f21624585bec5ada122dd40000000258be428670fda976e8dc2138751aede624bdc00353d1abd2c8acf9b216b7d7732f9c20c7939b950643f5efdd93337fa2804bf0582bfb2cc9d38fbf370f8ae69 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423465527" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{3D613841-209B-11EF-8A5C-CE787CD1CA6F} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10884" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10884" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10884" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d0e04f16a8b4da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = (value omitted) | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2080 wrote to memory of 2036 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2080 wrote to memory of 2036 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2080 wrote to memory of 2036 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2080 wrote to memory of 2036 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ced791663c0d8235a92c2fbb0988957_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | easya.lightsolution.hu | udp |
| US | 8.8.8.8:53 | mozicsillag.cc | udp |
| US | 8.8.8.8:53 | video.vid4u.org | udp |
| DE | 142.132.202.70:80 | video.vid4u.org | tcp |
| DE | 142.132.202.70:80 | video.vid4u.org | tcp |
| DE | 142.132.202.70:443 | video.vid4u.org | tcp |
| DE | 142.132.202.70:443 | video.vid4u.org | tcp |
| DE | 142.132.202.70:443 | video.vid4u.org | tcp |
| DE | 142.132.202.70:443 | video.vid4u.org | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.14:80 | www.youtube.com | tcp |
| GB | 142.250.180.14:80 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| US | 104.20.95.138:80 | www.statcounter.com | tcp |
| US | 104.20.95.138:80 | www.statcounter.com | tcp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 216.58.201.110:80 | developers.google.com | tcp |
| GB | 216.58.201.110:80 | developers.google.com | tcp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 104.20.94.138:443 | c.statcounter.com | tcp |
| US | 104.20.94.138:443 | c.statcounter.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | tcp |
| US | 104.20.94.138:443 | c.statcounter.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | | udp |
| US | 8.8.8.8:53 | | udp |
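Reading the signatures above together with the process list: every row under "Modifies Internet Explorer settings" is iexplore.exe writing its own per-user state (DOMStorage quotas for youtube.com, TabbedBrowsing, Recovery, Zoom), and the four WriteProcessMemory rows are PID 2080, the frame process started on the .html file, writing into PID 2036, the 32-bit tab process it launched with SCODEF:2080 on its command line. That leaves the network table as the part of this report worth an analyst's time. The script below is an added example, not part of the report or of the sandbox; it re-parses excerpts of the report's own pipe tables to (1) check each memory write against the SCODEF parent PID carried by the target's command line and (2) separate the contacted domains into a recognized-infrastructure allowlist and the remainder (easya.lightsolution.hu, mozicsillag.cc, video.vid4u.org). The allowlist, the labels "ie-frame-to-tab" and "review", and all function names are the analyst's assumptions.

```python
"""Triage helper for the report above (added example, not part of the report or the sandbox).

Parses excerpts of the WriteProcessMemory rows and the Network table and checks (1) whether each
memory write is the IE frame process writing into a tab it spawned (the tab's command line carries
SCODEF:<frame pid>) and (2) which contacted domains fall outside an analyst-maintained allowlist.
"""
import re
from collections import defaultdict

# Excerpt of the report's "Processes" section: image path -> command line.
PROCESSES = {
    r"C:\Program Files\Internet Explorer\iexplore.exe":
        r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ced791663c0d8235a92c2fbb0988957_JaffaCakes118.html',
    r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE":
        r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2',
}

# Excerpts of the report's signature and network tables (two of the four identical write rows).
WRITE_TABLE = r"""
| Description | Indicator | Process | Target |
| PID 2080 wrote to memory of 2036 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2080 wrote to memory of 2036 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
"""
NETWORK_TABLE = """
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | easya.lightsolution.hu | udp |
| US | 8.8.8.8:53 | mozicsillag.cc | udp |
| US | 8.8.8.8:53 | video.vid4u.org | udp |
| DE | 142.132.202.70:80 | video.vid4u.org | tcp |
| DE | 142.132.202.70:443 | video.vid4u.org | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| DE | 91.195.240.94:80 | mozicsillag.cc | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 104.20.95.138:80 | www.statcounter.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | | udp |
"""

WRITE_RE = re.compile(r"PID (\d+) wrote to memory of (\d+)")
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")

# Analyst-maintained allowlist of infrastructure that needs no follow-up here (an assumption).
RECOGNIZED_SUFFIXES = ("google.com", "googleapis.com", "gstatic.com", "youtube.com",
                       "doubleclick.net", "microsoft.com", "statcounter.com")


def parse_table(text):
    """Turn a pipe table as printed in the report into dicts keyed by the header row."""
    headers, rows = None, []
    for line in text.strip().splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if headers is None:
            headers = cells
        elif len(cells) == len(headers):
            rows.append(dict(zip(headers, cells)))
    return rows


def ie_parent_pid(cmdline):
    """PID of the IE frame process a tab was spawned for (its SCODEF argument), or None."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def classify_writes(write_table, processes):
    """Label each WriteProcessMemory row 'ie-frame-to-tab' or 'review'.

    The first label applies when both images are Internet Explorer and the writer's PID is the
    SCODEF value on the target's command line, i.e. the frame process set up a tab it created.
    """
    out = []
    for row in parse_table(write_table):
        m = WRITE_RE.search(row["Description"])
        if not m:
            continue
        src, dst = int(m.group(1)), int(m.group(2))
        both_ie = all(p.lower().endswith("\\iexplore.exe") for p in (row["Process"], row["Target"]))
        expected = both_ie and ie_parent_pid(processes.get(row["Target"], "")) == src
        out.append((src, dst, "ie-frame-to-tab" if expected else "review"))
    return out


def is_recognized(domain, suffixes=RECOGNIZED_SUFFIXES):
    """True when the domain equals, or is a subdomain of, an allowlisted suffix."""
    d = domain.lower()
    return any(d == s or d.endswith("." + s) for s in suffixes)


def triage_network(network_table, suffixes=RECOGNIZED_SUFFIXES):
    """Split contacted domains into (recognized, uncategorized, rows_without_domain).

    Each dict maps domain -> sorted ip:port endpoints reached over tcp; a domain that was only
    looked up over DNS keeps an empty list so it is still reported.
    """
    endpoints, unnamed = defaultdict(set), 0
    for row in parse_table(network_table):
        if not row["Domain"]:
            unnamed += 1
            continue
        eps = endpoints[row["Domain"]]  # creates the entry even for DNS-only rows
        if row["Proto"].lower() == "tcp":
            eps.add(row["Destination"])
    recognized, uncategorized = {}, {}
    for domain, eps in endpoints.items():
        (recognized if is_recognized(domain, suffixes) else uncategorized)[domain] = sorted(eps)
    return recognized, uncategorized, unnamed


if __name__ == "__main__":
    for src, dst, label in classify_writes(WRITE_TABLE, PROCESSES):
        print(f"WriteProcessMemory {src} -> {dst}: {label}")
    recognized, uncategorized, unnamed = triage_network(NETWORK_TABLE)
    print("recognized infrastructure:", sorted(recognized))
    for domain, eps in sorted(uncategorized.items()):
        print("investigate:", domain, eps or "(DNS lookup only, no TCP connection seen)")
    print("rows with an empty Domain column:", unnamed)
```

Run with python3: the two write rows come out as ie-frame-to-tab, and the three uncategorized domains are listed with their endpoints; easya.lightsolution.hu is reported as DNS-only, which matches the full table above (a lookup via 8.8.8.8 but no TCP connection to it). A write whose target command line lacks a matching SCODEF value, or whose images are not both Internet Explorer, is labelled review rather than silently dropped.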
Files
C:\Users\Admin\AppData\Local\Temp\Cab2992.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\Local\Temp\Tar29A5.tmp
| MD5 | 9c0c641c06238516f27941aa1166d427 |
| SHA1 | 64cd549fb8cf014fcd9312aa7a5b023847b6c977 |
| SHA256 | 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f |
| SHA512 | 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 62f26f0c9e39d505b601271ce1708789 |
| SHA1 | 23282cff7502c8673a6302be62a0590bf1704802 |
| SHA256 | 3a9fa11051fdddbd9f1eb30fd49ae45267fad30b8ecb5a09e0e158af261593eb |
| SHA512 | e1fd75a028d3e1ce32359d1ff4cb8f4bacc7b99a89511438cd37074b72b02b72f136d4e9e6d9941ce8f05dc22ae0cbe3ec111f1f20993e50c9c9f3f888eb4823 |
C:\Users\Admin\AppData\Local\Temp\Tar2A95.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3728c59a9994594d5305a73aa218c626 |
| SHA1 | 4760a4408bba94671f43fd6e76fbbc61766c5155 |
| SHA256 | aa41248c6e543be1f97683589c1e69ffa115f695cca1b60197ade857d7e91362 |
| SHA512 | 76e8712d76267621bd167b6adf4e32fd85bf08d246cf57ce9b68528418db6f0c9aa377a8d5c97032895de2bf87eb5e2005d06df2e0c8162336bac9a0a254a8ae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4d165f520fa4a87b182e4cb6cdb261e9 |
| SHA1 | ff899dd33471c352d2906e10beb5fc31d3bc2606 |
| SHA256 | afab96d26cc4991fe08754fe3008542cfe5df87f808435eac14191de09590808 |
| SHA512 | fcffdec89ee3ea5d27577239cb5d905539b8c98acb161c5e629bbbf57574c299e59b3f6fef8f02583352bb4f3dd0421621d801f656613f992f482f5e1e730252 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f48457d79c78db5edca2793a34bcfa74 |
| SHA1 | 5a344ca26fac38fb3ea41d1d8c0e4232b641a49f |
| SHA256 | 2c9a0eea2ab5a698b1db2190ec607659a485d9ec279810fd8c7d0715fdb4cf6b |
| SHA512 | 138bda212981b4c9287843c03c098e4914def13fe73a616aa3fc1ac319412038c9085c06f77f6452f6f5b58d6af5fb20c5f1669d126cd001eaf1c3c2ce42b831 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\FBXMRWC1\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b4dcacbc195e976a848a3ed59d07d542 |
| SHA1 | af1f14d630d905480fa4afc40419d9a496c6c4ff |
| SHA256 | eea629d49fa469594baab7d2cc22bf234a7f9a946704681b215e9c4210f06668 |
| SHA512 | b30675b29da512a8d11f57d6c661af6108c37fa3f96023ebc41b4fb3eca08adeb112ac67b3cd50aae34478843a68312a0206b8f72e38cd22ca46b3715e8e90cc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ab38ef4ac366d6a3ae95329c67a640c0 |
| SHA1 | 289d4817cf49acc78078b680711bd169b15f5b4b |
| SHA256 | 6bffd173b32395484af1acf96c3209ebd86d73e6d219d5943d295455b4b35c5d |
| SHA512 | 53a45eca8444a3551af1e2f6907c660e0900239466dffdca3ae1896c20043d11429ea109a3e9dd15d7c97f425f3c1c95caf91f42d0cb477a5e2b4e29a8e5b599 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e11659736de7cc8f972f64065a3ff858 |
| SHA1 | 5b108c3ca14dc3a891b2baa51fe573cfe4e75060 |
| SHA256 | 29c71fab6f6cc282904c2dc33bc35220a751fc67dd156f593a98ec6f3cc2d366 |
| SHA512 | 6a51b2af5c32d715c49a8e4ac9e8d3d23c5c903379f6f6f12c6be56a6aaa35fb7afb5e75e15b3e30a283ca65c683fb572adf79fb7d154e4326a07c70832582a0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 770b499292398c910fa3279671bb93f0 |
| SHA1 | 9e410b308f26f14e11d39c844a741d2720a7c2ad |
| SHA256 | 863245221069f8ca725f81ceef3580e53a88aae86e8311f856567069d9347bb8 |
| SHA512 | 1dd8d774c3cd3e0946a30d174d649150423986912b8227476ad9dbbfd218d1e000086dc031d404ea61aede78e1ef59f44a4ae8f4f733fe9016bd690f1005118d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b7ec900c720d9e492b71e9be6e69bfb8 |
| SHA1 | b711fadcac6639f7ea11b2b5e009b8928ae1a4ba |
| SHA256 | b2175cb5d7e2dfa1a96de63333bbbecb58fefc04722912aafafe4ef36234bbab |
| SHA512 | 196f8f9d474d58b5dfba9fab7e689f5b30026cf46db1aa0d7d8f69982155980ff7895e79effeac68818f1edc605de1172077f50980f9f764199b699c00662eed |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\FBXMRWC1\www.youtube[1].xml
| MD5 | fedc494c5097f6203ade4160f9872a5c |
| SHA1 | 7a940e28f2d727efcb416fbbb08a24d25d81bbdc |
| SHA256 | f88a5a5e879ea5db87f666436d6ba971fe1b57d1e6b4a6ca42af580a85ce66ed |
| SHA512 | c72c0b3f96a52e1d8d222b2c2c271984638b1ba6c1bb0843cef440479dda0dd62c1385f06b87ffbd8615eb84fc3b743d69554707801d966394d383888770d655 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\cb=gapi[1].js
| MD5 | 0fe383a7ddb9bbaefc3105b3297f5583 |
| SHA1 | f80c9d789f251909c7560bd91a9e1b9a10c26362 |
| SHA256 | d7ad4aad4e48174c30ef21fc32c9380659d2c99a5c39680e10ed9752139d8683 |
| SHA512 | 31de1f59377bc76e5d602d02273867ce750bbbccb7edc8f2803c0188002ecae6752ac3ec31c2108e64b0d871b01e6a8a06711969dc68bd9823303def0e7c1ee4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 89b5375f05da2f6abd9af77efeca7145 |
| SHA1 | 4019ed71fe4936b985bd6e95be8a31c1fb49c2ed |
| SHA256 | a67a907cdfb7f24c000bd4704b720169d41d67b2a4b4372553d3a8e92ad5403c |
| SHA512 | 49c7638465c855b141fd8f92bc722e1fdc5bda7f60da8ca2de8d0e592e1fc284bc1431499affe6e4a75c56c8d5cbbb47b00772c2e7b97f369bf71b18c8d5c950 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\FBXMRWC1\www.youtube[1].xml
| MD5 | 9f86650f3c64ae89239cddd629e9bf4e |
| SHA1 | 414967036830c5a950f80f45c5fcdf87e286ed0c |
| SHA256 | a05baf969c17590e4f81f4bd035fc06cea159e877c4c783449a865c10219edb2 |
| SHA512 | 8570f12845d378e2900b24245bd835107d202cc3800d0e0dc94ce3b6416eb60868542a898039eb3dc066e179b050b47c4ab85fdbbec2673805a7d6c5eed59428 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\FBXMRWC1\www.youtube[1].xml
| MD5 | 2ab0feec19a557a467b8fb42e8021f6f |
| SHA1 | 3ee67fdcd6c014588de8e28d9704c2082007f048 |
| SHA256 | 8c1c73d5c28e3c6e08b4e7bc52f9782a7595514cb742fa5a32b950bdd50e738d |
| SHA512 | 2d7eedba1631e8d95c6789ab0111e7be3f145d9a8983a7ab799077d39e694c51034050a480490258c9f729f34fe897fa9440e37df83b3ce37337840879bf5733 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\FBXMRWC1\www.youtube[1].xml
| MD5 | d398bc739cd3f406c30daff4b4a4bfca |
| SHA1 | 794b8e6bb9b0f65d908e7fc5b44d5dc4b003fa6e |
| SHA256 | 29d2bd8c21687d58ff4f2e236604d0fbb81fc0deef8c0b0ecef4c4f076281386 |
| SHA512 | 20dac83475f2a6ab54fa7022fc3233d21089d01fb0cfddeb213863d3222e50ecdd33687fabc2fbc4bf0a4229902178a8bebd5ad255ae7ff69b4d2687d1dadbfd |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\FBXMRWC1\www.youtube[1].xml
| MD5 | e73ed99fb100d4aa0f96a93193827fbc |
| SHA1 | d3778f7e0313772b6d0fe148eeba92190d763fe1 |
| SHA256 | 863bf1fd4f65b8a22df5add6bfdbdaead81b5835ac201da87239db029f719a20 |
| SHA512 | e6f4d4d31fb0cc53702505a3f10a251cd151047c7771069075fe08725acc7a0dead57c6834424fe61ad673ec7ee27c6ebd515afcec7a6c5e00b07a0aad14f205 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\FBXMRWC1\www.youtube[1].xml
| MD5 | e7818b587733a90347528fe8d568e304 |
| SHA1 | 32157d8b9fa0dd3975c286c87b61a3c68d08b673 |
| SHA256 | 66c109b592bc0962f65e5741534370833fc05f37d7ccd7b24fe23ea1122da50a |
| SHA512 | eb6103eaf7800cc8a21891eb1c9b60d4c31d5ec0b671c0c874614a64537ba6ae593adc9a444e9fbbd712ab80ccb8490c64e045b3597b39f26ae64cea8deacd2a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7973b74e7553db7792acca6437893ad9 |
| SHA1 | 9be03cd67d1301ba2f183cb41126ace059a3d607 |
| SHA256 | a98ef5f01a104880de0a831a01044815783ac0d31cd1311b9a67acc1ba7174ca |
| SHA512 | 605e52427fd26f1bb1f850e1abe928dbdee9fe1a28228a2d33968fe6205a89753157f0ea1bd1464b8e1e0baf4eefe536c7a8d910c96189cc4ef5e24f42312643 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6d0bf45e2f23d7a80b794eab2854e193 |
| SHA1 | ed7509994671ced16bd96678a41117e3087dcb2b |
| SHA256 | 7cb89edac6c4a2784745c757a773c3b0d8178267f8a4d538ac50d1e170ece77c |
| SHA512 | 51464692077f0f052d894dc534f24d5574d3598b9d9010d543c3d2a5e2229bba7630ea6f0cb8b2c0f18c285eac73d02bbec86ef74c565156ca29039239ad4a8c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f421ebd1182b35e8361bae611722391f |
| SHA1 | ba0ae468807de2f155974548cef2c487cdc8555d |
| SHA256 | 275f87a3591ad07d17721503f21cc0594e5eaca2381b1b29014792bb12adc53d |
| SHA512 | 036383f4e1f5f5104c8bf5c57eb518a0e611b17d83fc214e024ca8c7a1bf2cc9373b0586b6e236afc8fbbede81bc633089222874f690757fda56b23d159a99cf |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-02 04:47
Reported
2024-06-02 04:50
Platform
win10v2004-20240508-en
Max time kernel
145s
Max time network
151s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8ced791663c0d8235a92c2fbb0988957_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff091646f8,0x7fff09164708,0x7fff09164718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,7249875253891195691,6320457230524103705,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6088 /prefetch:2
Network
Files