Malware Analysis Report

2025-06-16 07:27

Sample ID 240602-ff8ypabf3v
Target 8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118
SHA256 5c9e2de0202f0a15b8bc9e3787e1bf608190877b2620c4b88221228b227b566a
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

5c9e2de0202f0a15b8bc9e3787e1bf608190877b2620c4b88221228b227b566a

Threat Level: No (potentially) malicious behavior was detected

The file 8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-02 04:50

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-02 04:50

Reported

2024-06-02 04:52

Platform

win7-20240221-en

Max time kernel

142s

Max time network

147s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{93380AF1-209B-11EF-87C3-6E6327E9C5D7} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 701ee480a8b4da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bbb623e34db2f74abf3a9681ca975b5a00000000020000000000106600000001000020000000a669ce3bd0ddb071d8970a068fce84f5be84d3e594049c987ed1a63b9d920e9d000000000e80000000020000200000006cbc1e3a9fc897987197e3252967a6910f7bff8874287813528d0ef72668e33620000000f93082daae0f09534599f1e24d5db4a2a8937c29206d30ebfabb0cdde3f9c32c4000000082610b7aa2c5044350bcdcfc58cd92e6331df61b5618f0871cd4fe55badd2db321b589488f156d8b6faca33b6d12d45d76816bc921dea51795bbed735dc98616 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423465670" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bbb623e34db2f74abf3a9681ca975b5a000000000200000000001066000000010000200000005b1eb18b80bd04c51952c346a5ec9f3c2f8353cf94fc78c6f88dcbd27fd2eb3f000000000e8000000002000020000000c27e8c7a5b309bc8ecfd79a9f541a86cfdc117fce6122caad504d9f66ea69328900000005645f5569607875988e3938a661550f10eb43b4840d3e0618d636d9c3837ae5f344ae27552819501190ef3b7d9dcedb5224452971023ab21268fe2ab3ce244ca8c7fdceaf1d7cefa7d228a26fe20e8245296a84da51487d0f64874480c521862e458e96b5df45c1cbd262d18ec72102246d35686c1aed35dbff254f372084b880daa92002022e53080c8977588f860ff40000000eeff8984f87f9a542e393bebecca5e3d39a14f9a9a9e5fa789eb347ee5366333e99aab9b3a243b25605c3ae8a8746c9ac9bf3da96296c273fd95364fb3ba8a30 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.mercadoracing.org udp
US 8.8.8.8:53 astonmartineffect.in udp
US 8.8.8.8:53 www.ridewalls.com udp
US 8.8.8.8:53 www.coches.com udp
US 8.8.8.8:53 www.carsandracingstuff.com udp
US 8.8.8.8:53 img246.imageshack.us udp
US 8.8.8.8:53 www.auto-tuning-news.com udp
US 8.8.8.8:53 www.luxuo.com udp
US 8.8.8.8:53 www.dodgecolors.info udp
US 8.8.8.8:53 www.seriouswheels.com udp
US 8.8.8.8:53 www.projectm71.com udp
US 8.8.8.8:53 www.v12-gt.com udp
US 8.8.8.8:53 maseratieffect.in udp
US 8.8.8.8:53 cdn2.worldcarfans.co udp
US 8.8.8.8:53 www.chinashopmag.com udp
US 8.8.8.8:53 carphotos.cardomain.com udp
US 8.8.8.8:53 forums.pelicanparts.com udp
US 8.8.8.8:53 www.nfscars.net udp
US 8.8.8.8:53 www.lanciaflavia.it udp
US 8.8.8.8:53 lh6.ggpht.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 macleodinternational.co.uk udp
US 172.67.182.56:80 www.luxuo.com tcp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 172.67.182.56:80 www.luxuo.com tcp
US 38.99.77.16:80 img246.imageshack.us tcp
US 38.99.77.16:80 img246.imageshack.us tcp
DE 87.106.2.215:80 www.auto-tuning-news.com tcp
DE 87.106.2.215:80 www.auto-tuning-news.com tcp
US 45.223.166.145:80 www.coches.com tcp
US 45.223.166.145:80 www.coches.com tcp
FR 92.204.53.119:80 www.mercadoracing.org tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
FR 92.204.53.119:80 www.mercadoracing.org tcp
US 13.248.169.48:80 www.seriouswheels.com tcp
US 13.248.169.48:80 www.seriouswheels.com tcp
GB 51.38.84.145:80 www.projectm71.com tcp
US 104.21.25.101:80 www.v12-gt.com tcp
US 104.21.25.101:80 www.v12-gt.com tcp
GB 51.38.84.145:80 www.projectm71.com tcp
CA 192.95.3.44:80 www.nfscars.net tcp
CA 192.95.3.44:80 www.nfscars.net tcp
US 207.136.153.230:80 forums.pelicanparts.com tcp
US 207.136.153.230:80 forums.pelicanparts.com tcp
US 3.33.130.190:80 www.chinashopmag.com tcp
US 3.33.130.190:80 www.chinashopmag.com tcp
DE 185.53.177.52:80 www.dodgecolors.info tcp
DE 185.53.177.52:80 www.dodgecolors.info tcp
GB 172.217.16.225:80 lh6.ggpht.com tcp
GB 172.217.16.225:80 lh6.ggpht.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
IT 89.46.110.78:80 www.lanciaflavia.it tcp
IT 89.46.110.78:80 www.lanciaflavia.it tcp
US 104.21.25.101:443 www.v12-gt.com tcp
US 172.67.182.56:443 www.luxuo.com tcp
US 192.254.234.146:80 www.carsandracingstuff.com tcp
US 192.254.234.146:80 www.carsandracingstuff.com tcp
US 8.8.8.8:53 cdn2.worldcarfans.co udp
CA 192.95.3.44:443 www.nfscars.net tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 45.223.166.145:443 www.coches.com tcp
US 8.8.8.8:53 keywebtracker.com udp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 69.162.80.54:80 keywebtracker.com tcp
US 69.162.80.54:80 keywebtracker.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 ww1.keywebtracker.com udp
US 199.59.243.225:80 ww1.keywebtracker.com tcp
US 199.59.243.225:80 ww1.keywebtracker.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 45.223.166.145:443 www.coches.com tcp
FR 92.204.53.119:80 www.mercadoracing.org tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp

Files

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 e45e619e897e3e3fb040001c59f1492a
SHA1 192c331e72c5e85908b2518c9fddc45bc0d79fac
SHA256 159933a20be82cac22c71e112cce4a3e7394cbc1dce3d1d8461b9ac689173594
SHA512 b30b8299082c4c78dc6652ddfe9026d26a1a0d7e1492011447a1a21259a8932e3ee6888700fb6e5ab92418dc11a4dc9dfc632bba55bb9edf3047681446d5aa84

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 1978680c6ea66ad5b56ea7871e328ffd
SHA1 5d0c38f0b69ee0d41d2cb337254166a08dc37e14
SHA256 896057bb2157c58692d711ae7fdca8021637241364c925d79ff8ed09cc80bc5b
SHA512 2a68ad9b894095fe5cfe43d964fbac911d8589af88fbea81570f729337e26f0c4e3214dc53fd73bc9d4b24211329905e85f61d5dd63d17eb2dbfd91d7db27b5b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 ebe72978bff9d88535f0097421ac448f
SHA1 ae9bb2b3e859106c7695f1975b0579581a46035c
SHA256 bd59dce23ff6ddef6961bdc23dc8bebafa05ab05d3d3799cd0120a5f2b1f57a1
SHA512 3cca3ec9dd2960abdc662ff462db54f7a996c7ece0bbf5b4f360d905b58e17a43313894b3f7419a61239c5e42bc202e6eb92ad22de79a9b0a50aee0428642a0f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 df6074e56b9f08e0096c151d12ef9c67
SHA1 80246c87a492295e2118576133f6ed14327e6b2c
SHA256 2cb50085eef3b137834bc533f5abed2a43f4b2e68cea6075f51e674043078c85
SHA512 c5291cfbce45241d79ca5cfdd3d7e23d7187b4358913613b005bf54928927f3b1175d752d7537fe89d18572c39d9b16121d3a7c6b9738aff5f3df2dd7382071f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_827A2BD464611B5891D523F77B43FEB1

MD5 ebe9fff245c12f154e546da1ad738f90
SHA1 633d7e9d0afedd2e9c6a5c2503ed176191aa8ea9
SHA256 83ad8e030a9b9a79f55dba98cb05e2ddbd586e53432bfdb7e6960bd5fce53268
SHA512 0859f186aeb61119dfd40633e9110157e3a125a01cefbb4e326615fe6d9fd1abbb1e42cf3d98865920d5bf9c6e92fe4c056a8249492581334f7c63446b5e8179

C:\Users\Admin\AppData\Local\Temp\Cab21F4.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\plusone[1].js

MD5 53e032294d7b74dc7c3e47b03a045d1a
SHA1 f462da8a8f40b78d570a665668ba8d1a834960c2
SHA256 8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2
SHA512 fe263fe86aea2ba1b86d86305650cdeee45cd1f7b4339f9d4fb81db776b78abedccd0ae77262f45d579751daa26f81385354b3d126fdb5577036e9dd1db33276

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar2343.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\cb=gapi[1].js

MD5 f9255a0dec7524a9a3e867a9f878a68b
SHA1 813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b
SHA256 d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d
SHA512 d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1

MD5 d814032648d260cbf8c33e27b4c52978
SHA1 c73d1dd9e7a34b78896ec6179f2bc39ed4288853
SHA256 bc1ffafb33cf5280724a2cccb7e9b36f4df9f5f46889758b609aa571076f66e1
SHA512 d60e09ef44a30851dbf3f7b40c7f29a658848335c0c5753b078aab8be5d0ab426b8b4f0763bbc23af05893331731df7ae69b4b33459ddc0eb0988e9f09d69632

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1

MD5 c5dfb849ca051355ee2dba1ac33eb028
SHA1 d69b561148f01c77c54578c10926df5b856976ad
SHA256 cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
SHA512 88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6afde7a8ce9306e2a1336e29f9299055
SHA1 dfdfb9e8e4b9a72abc4fd700dfd736f702df3b7b
SHA256 22343d0146429d99fe29f1d860075fc133102daf1ecd11d0ca2479718cccad1d
SHA512 0f6103849bad90c22bcf4572a969e7bf6a6b34451df67dd846a2e0efd65cea3a4d9565c54562e3de93ea812c70e6f702f1b2ea09b425186f3096e0023bbecb8b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cb00f9353581e97ffa7e0efde9d95912
SHA1 41f3b50f22d3f340ac96a061d76cd06190ffcc86
SHA256 665462be25019feea6d07b33d308784cb1b80c86d3f59512fe83218fa2fafd8b
SHA512 71dc982c069a830caa652a574e69717ce36b0995075100370787ef48478ec2f0483efb830ee91be87e2eba29ac1be70e6ba97f2e2cb117a65de28c56bc9a8950

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 6f4bbf9f906725b19f8dff3008f05eb9
SHA1 8df5a465bb21ff702e27a124c13dc38e1155e388
SHA256 da62671003100aa708bdb4924a814e984f1814ffc399d6d2c91b66df0d0d2646
SHA512 4f96269ee4d78dafff342090a63910b2f045becc1112d6f7cb38733db0b538fde4a6b6da18f9fb9182ab20146d77d536d2646132490aaa95a718a120ce522887

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 708afe6ee336af0afbabe3fcf3228f15
SHA1 dfcf3765afcf4caa13ffecb34b3705dcdd22273c
SHA256 33fb1ac67c6a6c9bccedfb0d456065d1cd9e411174d6d0b2d479ad3f7d66d5bf
SHA512 1fdc2b693711a673af53bc5886b4afffd92301959e2f7562d1ddf0a489acb1fd4bd5568cfef6415516fad58b0c179d85caf2ea918ec6a78b12c22cad8bb195d2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 f13b92780e0660783bc483d94fec6c92
SHA1 cddcc5d1eec4007d2b71af87b3d68f56ab61fb47
SHA256 d3506592b5f051efdbd1f1d10f955a33d5648edfe410f739cfdeab82c483b820
SHA512 edff2d8c69d24dedeb012ecd217d663d9e381986b31850abc034dcbcd303cae8ea286552eb7c1e1ad1feece9f9cd5d4ad472dc04f6f57402adaa7767fae9f323

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6a9b9880357ce0aa0754f798ddcf1bd4
SHA1 8a5a4449eda3313b5c1c553d413a73099103c25b
SHA256 f0ae1737f3ade8cefa6ab642aab46e799f1d2384dc3d1d5e771333bf0d29866b
SHA512 ae3a41298c958467060bd23e58ad93502d8b0769cf601eb0cf1d734ecaa9a2b6f212b29606eabbcb130cda612cae19a0444c950e8ba00a26eac5fd2823ed335c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ffb5ac0059b8ab9c1cb63f8dc1397363
SHA1 96336fc2829a624d673563d1a8354e9ce3cd7962
SHA256 716b08ad976f177be8fbc381244d09c86fd1280aa2d78bfeaaf4271979037603
SHA512 93a0ea1481eafd47f9e5ee41ecce900be3b9229577d11e17e518a62b14bf04ddd4b2cd27fbfa72266b0fa08a3f5deb229a23400b38e57953ecf5f4616b148ab6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 94b790db18205dee00ba740c5683acad
SHA1 e9391d40ca31626bbbb614de167d1f65ebadb1bd
SHA256 b27347f664a118308394ea39f265da7295137b8b159795d37719d38e01bc78c1
SHA512 f961dc6494cc1fc3a94e417f2c2a3370f3c9ec8f85152448897bbbb5824fe4dab790cb8d14b8014bcbcc5ff738c788acbc497760eb8529aa6cc87336c15c4d4e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 845566a2084df93cb3b735ab55f0380b
SHA1 4f3958466e6bab828d36b125297fd5040a62be94
SHA256 09fa01152a8f0dd237e806504a8973123b6947c06ca24312aebdbc5f7508fe33
SHA512 4f8c5781ed720cb40c6accbf7db8b80d742d909626a2833ee318085ea54b655654ef485a42eb905d2ca74af3525a1bf8b1c537927466e581cd832e75bbd4e220

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1a688d43ef19f4b90116e2fb32bf315f
SHA1 9f7f48e56201e7af706a8e98e3d7376aac46bc8a
SHA256 de013176f812f6a62c48f1e66d7544535b6263694e8800ab6064922575de3962
SHA512 f3085699021285f03976e31d0ceb22a05f840970feaa355d9f55c01553445683702145f51060aa9488f75e06acd0784385cc7321f29f417d7b295e5dd5832134

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dab89ae9ba4bbd1f6f63192b8727d65c
SHA1 efb87e9342cc08c2ba5e5d05cd21a8a717e12155
SHA256 1a1481b97ed36f5e6b8ddaa2be33e467b2b827a32c101df1bf9aaf9f0564e9ff
SHA512 638943fd9e2b4d30041dd47fc865ac8841739e874e89b68f53a262cb05791b9edcba2711863cd2e7abcba0d623582eac0a1d03d09b45d89a3b76b92f167a4739

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5d991691b3c816eb332a6e73e88607cd
SHA1 19f986e5bb67fed0612425e2283d6b8dfedc59fa
SHA256 0ec1f9bb7a751f3a32b33b73b111914487fe542754c6efcdcd28b645ab38b130
SHA512 7f1eb6cb0ec3db70b0cd4804f2e118d1d27fa46de8ee5ccdf6220973b0c7531090d55f3462220eb1a4f5d9a2c4d9663386d7b0f523692463a9aa1e535d532e9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5ca11eabbcf186e6f2dfbec92257c945
SHA1 448ce8c7d2979baf183828309ff1f02737e9d3b9
SHA256 e9f4055a9682e8cf4852cd476f81b7315c87eb0d72eff99e954391de8911e112
SHA512 4cc39b97e523c97784234cb10b52e274c32315b8a0320e7343f24a5cb08afef1881a1ac607c17c762523bb066aba4208970017ee511e11eb9bc42e61c7fa7f0e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 adee0a93ea42a51018779588a878b054
SHA1 99e64b689b4d5a549cc4a3cb712f26761b1013d8
SHA256 554306e1336df2bd9f4d70e89fbc9225fc6be34c1774129aba44e191cc205eba
SHA512 3d6a909b491e03d918ea9a989f7d0d47c003def77a67c13bec8231f7a0b9e988c3e0fe1b0033a46e752462806e83d77d092ff06c129c30411cf7bf4105b6e07d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bf1b4deb791f0af24eac61d6b5337f37
SHA1 39dfc39f502c42e5731fea040e96651cc1803d22
SHA256 f3fbfb91a88610685ef90a8c8721deac44b4d72e8aa377ae079c77210971fee7
SHA512 52db6837b96087d4db1e2a1b7cacfccd1530ef7aad06c26c95d9f122b733186f9d76da414d87dac545809d031371f02e0f18e81b8c1f729a2408a7df9bf39678

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 af7fc48fa96d8fa5ea881bfe16ee55b1
SHA1 557bb8a8902e740a4e74fb34af1690f05606faf2
SHA256 27801ba674337e434f0a9cff2a7d8cc765a1ba00b73f8a2029119aab05256128
SHA512 191ab8eff2a7c6eee6eef7264f5e534c2896dc9ca526bcbb375719da6aaa588d450c8386699fc016be318159b04b812e5043ad6495bcc714a31d4f75862be5cf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 718d0fb136122d51546f094c826f1f78
SHA1 e3962f97a6b3be76f623f7682036bd33f3f67431
SHA256 7f64c183b3af9354870d1c8f31d22c1cdf1bc9d37d1a748f6fb56ca9965eba90
SHA512 2acb7c54e7a49a0a654c6e11661fc3d0f4d0f895139147f6119a39333095377b2b0da650732cf8ae95ae1ac8a024a24831503716bb663529672ab7dd0b2bdc78

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 03c3d157293bdd7b9cda1775687ab117
SHA1 3ce237cf2deef2af26670bddb5ea64bc161b0a87
SHA256 f2540c3396b7482052d5072759e90354d316e933024603b59e11f5ff15a4b373
SHA512 fe84c01be59e27202d2b01f7bf94f373fb1003405d48e3fa2b87c796aa9ad4b1fc671c06362631d3a78b144e9649122f5a6f983e801a02b86c0aa8cc33a44e57

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b85bbf3b4654c0f142e83dd87d979cc0
SHA1 ae6d205afa3a53f7e02ea8d49c65759931a4e1ff
SHA256 8b10dacbe6ab9d084748f15e8121b5ddec85b83cc8819427ca364cae6fc0cba3
SHA512 debb71ca6beed8f21e16efc8a71459ff4db83e498f040aeb3db14c3a7989cba31539877bf9e3751e9d7200a9cd2fd630df236a8cefad422a3ceaa420ecee92ab

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 08c4a793bf9402a8745fb4cc174d240c
SHA1 3be2021048e475a9795f90332bcf80c51d556ec9
SHA256 1da36f70dc11334fa28d616d1b687168ef134a3a109b293bf3a688a6c709fb6d
SHA512 855ef0b09bcdc88533c8e984e7b4d3509b6a4c1471d9912e89ca84c88adfbd6d7857c7a6d49dd7dbfd4b7dd4a58b3cc15b1f5190243bc6efc808414a1ba7f013

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 54509b600d2a56e191f47143509669e2
SHA1 a0c61b415d9778d8fb5dd1bb1568f9faf23ac421
SHA256 2e1e5d025e0eb935e8dbeb1d11bbc925f0d3fe03dc68279263a9bb44e8649ac0
SHA512 054333be9601bca8595c1b6256712965f152b96f61665382bbaf541568b76b98044af56f647faf0d542df98f5ed270bf0cd2b3643ed1278095dbc96eb27dffb4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3da73ab448788a3f5e252268c06e1d2b
SHA1 61c0502f250f6d0c1d6c3b38438bad37458de084
SHA256 10ef2d333f085b388afa4b3a128528b502b6f103010e4d484354402434d9623f
SHA512 85f11a5989165c59084e0b70b29ab8139cf14a99d9818a536f74951b7c74a31ec3eb66439406ed190b58d86d63f5430cc7be09ea6d349f66d6c023414b47fc4c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cb2f12b857a7068312b38b8e91439206
SHA1 d3fa8c1d59546aca596fbc66294c2aa59087545f
SHA256 619c087664310becd90c567b26dac3ded26d83a7aa2a3e8dbc45d2c329a02bb7
SHA512 06617a49b76226b45e6efedd59592248a58cc56ad32c26e0e5853486a4559bd52b6ecdb50a2ae68e47fe5335b674928e0b3eed4fa7483673250e7796bb9e9f3c

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-02 04:50

Reported

2024-06-02 04:52

Platform

win10v2004-20240508-en

Max time kernel

135s

Max time network

144s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3760,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=1952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4844,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=4872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5276,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5316,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5408 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5352,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5552 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5900,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5940,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6332,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=6364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5692,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5816 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 api.edgeoffer.microsoft.com udp
US 8.8.8.8:53 api.edgeoffer.microsoft.com udp
IE 94.245.104.56:443 api.edgeoffer.microsoft.com tcp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 13.107.6.158:443 business.bing.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 56.104.245.94.in-addr.arpa udp
US 2.17.251.4:443 bzib.nelreports.net tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 www.mercadoracing.org udp
US 8.8.8.8:53 www.mercadoracing.org udp
US 8.8.8.8:53 astonmartineffect.in udp
US 8.8.8.8:53 astonmartineffect.in udp
GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 astonmartineffect.in udp
US 8.8.8.8:53 www.microsoft.com udp
FR 92.204.53.119:80 www.mercadoracing.org tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.ridewalls.com udp
US 8.8.8.8:53 www.ridewalls.com udp
BE 23.55.97.181:443 www.microsoft.com tcp
US 8.8.8.8:53 www.ridewalls.com udp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 keywebtracker.com udp
US 8.8.8.8:53 keywebtracker.com udp
US 8.8.8.8:53 keywebtracker.com udp
US 8.8.8.8:53 www.carsandracingstuff.com udp
US 8.8.8.8:53 www.carsandracingstuff.com udp
US 8.8.8.8:53 www.coches.com udp
US 8.8.8.8:53 www.coches.com udp
US 8.8.8.8:53 www.dodgecolors.info udp
US 8.8.8.8:53 www.dodgecolors.info udp
US 8.8.8.8:53 www.seriouswheels.com udp
US 8.8.8.8:53 www.seriouswheels.com udp
US 8.8.8.8:53 img246.imageshack.us udp
US 8.8.8.8:53 img246.imageshack.us udp
US 8.8.8.8:53 www.auto-tuning-news.com udp
US 8.8.8.8:53 www.auto-tuning-news.com udp
US 8.8.8.8:53 www.luxuo.com udp
US 8.8.8.8:53 www.luxuo.com udp
US 8.8.8.8:53 www.v12-gt.com udp
US 8.8.8.8:53 www.v12-gt.com udp
US 8.8.8.8:53 www.projectm71.com udp
US 8.8.8.8:53 www.projectm71.com udp
US 45.223.166.145:80 www.coches.com tcp
US 13.248.169.48:80 www.seriouswheels.com tcp
GB 51.38.84.145:80 www.projectm71.com tcp
DE 87.106.2.215:80 www.auto-tuning-news.com tcp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 www.luxuo.com udp
US 8.8.8.8:53 www.luxuo.com udp
DE 185.53.177.52:80 www.dodgecolors.info tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.v12-gt.com udp
US 8.8.8.8:53 www.v12-gt.com udp
US 104.21.80.131:443 www.luxuo.com udp
US 8.8.8.8:53 cdn2.worldcarfans.co udp
US 8.8.8.8:53 cdn2.worldcarfans.co udp
US 8.8.8.8:53 maseratieffect.in udp
US 8.8.8.8:53 maseratieffect.in udp
GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.178.9:443 www.blogger.com tcp
US 8.8.8.8:53 maseratieffect.in udp
US 104.21.25.101:443 www.v12-gt.com tcp
US 69.162.80.54:80 keywebtracker.com tcp
FR 92.204.53.119:80 www.mercadoracing.org tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 69.162.80.54:80 keywebtracker.com tcp
US 8.8.8.8:53 carphotos.cardomain.com udp
US 8.8.8.8:53 carphotos.cardomain.com udp
US 8.8.8.8:53 www.chinashopmag.com udp
US 8.8.8.8:53 www.chinashopmag.com udp
US 8.8.8.8:53 forums.pelicanparts.com udp
US 8.8.8.8:53 forums.pelicanparts.com udp
GB 216.58.201.98:445 pagead2.googlesyndication.com tcp
US 38.99.77.17:80 img246.imageshack.us tcp
US 192.254.234.146:80 www.carsandracingstuff.com tcp
US 192.254.234.146:80 www.carsandracingstuff.com tcp
US 45.223.166.145:80 www.coches.com tcp
US 38.99.77.17:80 img246.imageshack.us tcp
US 3.33.130.190:80 www.chinashopmag.com tcp
US 207.136.153.230:80 forums.pelicanparts.com tcp
US 8.8.8.8:53 carphotos.cardomain.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 cdn2.worldcarfans.co udp
US 8.8.8.8:53 cdn2.worldcarfans.co udp
US 8.8.8.8:53 www.nfscars.net udp
US 8.8.8.8:53 www.nfscars.net udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.lanciaflavia.it udp
US 8.8.8.8:53 www.lanciaflavia.it udp
CA 192.95.3.44:80 www.nfscars.net tcp
NL 142.250.27.84:443 accounts.google.com tcp
IT 89.46.110.78:80 www.lanciaflavia.it tcp
US 8.8.8.8:53 lh6.ggpht.com udp
US 8.8.8.8:53 lh6.ggpht.com udp
US 8.8.8.8:53 macleodinternational.co.uk udp
US 8.8.8.8:53 macleodinternational.co.uk udp
GB 172.217.16.225:80 lh6.ggpht.com tcp
US 8.8.8.8:53 macleodinternational.co.uk udp
US 8.8.8.8:53 www.blogger.com udp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 resources.blogblog.com udp
GB 142.250.178.9:443 resources.blogblog.com tcp
US 8.8.8.8:53 www.carsandracingstuff.com udp
US 8.8.8.8:53 www.carsandracingstuff.com udp
GB 142.250.178.9:443 resources.blogblog.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 192.254.234.146:443 www.carsandracingstuff.com tcp
US 8.8.8.8:53 www.coches.com udp
US 8.8.8.8:53 www.coches.com udp
US 8.8.8.8:53 cdn2.worldcarfans.co udp
US 45.223.166.145:443 www.coches.com tcp
US 8.8.8.8:53 164.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 4.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 9.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 181.97.55.23.in-addr.arpa udp
US 8.8.8.8:53 215.2.106.87.in-addr.arpa udp
US 8.8.8.8:53 131.80.21.104.in-addr.arpa udp
US 8.8.8.8:53 48.169.248.13.in-addr.arpa udp
US 8.8.8.8:53 101.25.21.104.in-addr.arpa udp
US 8.8.8.8:53 54.80.162.69.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 145.166.223.45.in-addr.arpa udp
US 8.8.8.8:53 146.234.254.192.in-addr.arpa udp
US 8.8.8.8:53 17.77.99.38.in-addr.arpa udp
US 8.8.8.8:53 190.130.33.3.in-addr.arpa udp
US 8.8.8.8:53 230.153.136.207.in-addr.arpa udp
US 8.8.8.8:53 16.24.18.2.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 44.3.95.192.in-addr.arpa udp
US 8.8.8.8:53 78.110.46.89.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 www.nfscars.net udp
US 8.8.8.8:53 www.nfscars.net udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 resources.blogblog.com udp
CA 192.95.3.44:443 www.nfscars.net tcp
US 8.8.8.8:53 www.blogger.com udp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 45.223.166.145:443 www.coches.com tcp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
GB 172.165.61.93:443 nav-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav-edge.smartscreen.microsoft.com tcp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
CA 192.95.3.44:443 www.nfscars.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 93.61.165.172.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
GB 216.58.201.98:139 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 www.blogger.com udp
GB 142.250.178.9:445 www.blogger.com tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 31.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp

Files

N/A