Analysis Overview
SHA256
5c9e2de0202f0a15b8bc9e3787e1bf608190877b2620c4b88221228b227b566a
Threat Level: No (potentially) malicious behavior was detected
The file 8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-02 04:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-02 04:50
Reported
2024-06-02 04:52
Platform
win7-20240221-en
Max time kernel
142s
Max time network
147s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{93380AF1-209B-11EF-87C3-6E6327E9C5D7} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 701ee480a8b4da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423465670" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1972 wrote to memory of 2212 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-02 04:50
Reported
2024-06-02 04:52
Platform
win10v2004-20240508-en
Max time kernel
135s
Max time network
144s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8ceeabc150ec300de937ce5b5c66488d_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3760,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=1952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4844,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=4872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5276,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5316,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5352,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5552 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5900,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5940,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6332,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=6364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5692,i,17096020621006928097,15544233752327415349,262144 --variations-seed-version --mojo-platform-channel-handle=5816 /prefetch:8
Network