Analysis Overview
SHA256
ee824f87af95d56734343563adb80f3618db0ed82dd342e172ff46ab36d89404
Threat Level: No (potentially) malicious behavior was detected
The file 8d334db438fc613ac708be5ce91f8f79_JaffaCakes118 is an HTML document; no (potentially) malicious behavior was detected. Every process in the behavioral run below is Internet Explorer's own frame process (C:\Program Files\Internet Explorer\iexplore.exe) or tab process (C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE), so the signatures listed under "Malicious Activity Summary" reflect the browser rendering the page (embedded YouTube and Facebook content, Google fonts and analytics) rather than a dropped or injected payload.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-02 06:45
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-02 06:45
Reported
2024-06-02 06:48
Platform
win7-20240221-en
Max time kernel
135s
Max time network
129s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "13690" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3944" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423472601" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "22704" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "32509" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "29056" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10010" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "22616" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "29056" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "13608" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10010" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3862" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000f7b3a0b4ffa6f74dad7cccbaa7e32b3400000000020000000000106600000001000020000000a710a77fc201f62795d00e563d2eef6531cc791057d617d4c3b390c9e69907e2000000000e8000000002000020000000a6cbcf87b553b35700c27c2b98d205865716cc472aa8fda2a98d66601c2320ec200000007c247cff35f2195c1e208105f4ab6307a24415ac56ce1762e619420061eb9d5a400000005de684ed583fcf6513cd297d57f7138674bf8449d46cb6f1793c7550cee01068f7324294053d63cfafaffe41a9c864f88ffb124ad3f22b17b494eb0383351c09 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3944" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "13690" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "22698" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "22616" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "3862" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "13690" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "22616" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19310" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10302" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = (binary value not captured in this copy of the report) | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2784 wrote to memory of 2652 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2784 wrote to memory of 2652 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2784 wrote to memory of 2652 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2784 wrote to memory of 2652 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d334db438fc613ac708be5ce91f8f79_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
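Added example, not part of the sandbox report: a short triage script that checks whether the WriteProcessMemory rows above are consistent with Internet Explorer's frame/tab process model, in which each tab process is launched with SCODEF:<frame PID> and the frame process writes into its tabs. It assumes the report's table layout and IE's SCODEF convention, and uses the report's own process command lines and WriteProcessMemory rows as constructed input. Any write whose source PID is not a declared SCODEF parent, or whose writer or target image is not iexplore.exe, is flagged "investigate".

```python
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample input, copied verbatim from the "Processes" section and the
# "Suspicious use of WriteProcessMemory" table of the report above.
PROCESS_CMDLINES = [
    r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d334db438fc613ac708be5ce91f8f79_JaffaCakes118.html',
    r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2',
]
WPM_TABLE = r"""
| PID 2784 wrote to memory of 2652 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2784 wrote to memory of 2652 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
"""

# IE tab processes are launched with SCODEF:<frame pid>; the frame process is the
# one expected to write into its tabs' memory.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
ROW_RE = re.compile(
    r"^\|\s*PID\s+(\d+)\s+wrote to memory of\s+(\d+)\s*\|[^|]*\|\s*([^|]*?)\s*\|\s*([^|]*?)\s*\|$"
)
IE_IMAGES = {"iexplore.exe"}


@dataclass(frozen=True)
class WpmEvent:
    writer_pid: int
    target_pid: int
    writer_image: str
    target_image: str


def scodef_parent_pids(cmdlines):
    """PIDs that tab processes name as their frame via SCODEF:<pid>."""
    return {int(m.group(1)) for c in cmdlines for m in SCODEF_RE.finditer(c)}


def parse_wpm_rows(table):
    """Turn '| PID A wrote to memory of B | ... | writer | target |' rows into events."""
    events = []
    for line in table.splitlines():
        m = ROW_RE.match(line.strip())
        if m:
            events.append(WpmEvent(int(m.group(1)), int(m.group(2)), m.group(3), m.group(4)))
    return events


def image_name(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(event, parent_pids):
    """'expected-lcie' when an IE image writes into another IE image and the
    writer is a PID some tab declared as its SCODEF frame; otherwise 'investigate'."""
    both_ie = image_name(event.writer_image) in IE_IMAGES and image_name(event.target_image) in IE_IMAGES
    if both_ie and event.writer_pid in parent_pids:
        return "expected-lcie"
    return "investigate"


def triage(table, cmdlines):
    """Collapse repeated rows into (writer, target, verdict) -> count."""
    parents = scodef_parent_pids(cmdlines)
    counts = Counter()
    for ev in parse_wpm_rows(table):
        counts[(ev.writer_pid, ev.target_pid, classify(ev, parents))] += 1
    return dict(counts)


if __name__ == "__main__":
    for (writer, target, verdict), n in triage(WPM_TABLE, PROCESS_CMDLINES).items():
        print(f"{writer} -> {target}: {verdict} (x{n})")
```

For this report, 2784 is the frame PID named in the tab's SCODEF argument and is the writer in every row, and both images are iexplore.exe, so the writes are the frame-to-tab traffic IE generates on its own. The same check run on a report where a non-browser process writes into iexplore.exe, or where iexplore.exe writes into a non-browser target, returns "investigate".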
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.200.54:443 | i.ytimg.com | tcp |
| GB | 142.250.200.54:443 | i.ytimg.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
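Added example, not from the report: parse the Network table into per-domain summaries and pull out the two things a triage analyst checks first in a browser detonation: names the page made the browser resolve (via the sandbox's 8.8.8.8 resolver) with no TCP flow following, and content fetched over plain HTTP. In the table above the resolve-only names are konthaiusa.com, www.konthaiusa.com, static.xx.fbcdn.net and fe0.google.com; the konthaiusa.com pair is the only non-Google/Facebook/Microsoft name in the whole capture and is worth matching against the HTML source. The script uses a verbatim subset of the rows above as constructed input and assumes the four-column layout and IPv4 addresses seen in this report.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample input: a subset of rows copied verbatim from the Network
# table above. The full table has the same four columns.
NETWORK_TABLE = """
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
"""

# | Country | ip:port | Domain | Proto |  (IPv4 only, as in the report)
ROW_RE = re.compile(
    r"^\|\s*([A-Z]{2})\s*\|\s*([0-9.]+):(\d+)\s*\|\s*([^|]+?)\s*\|\s*(tcp|udp)\s*\|$"
)


@dataclass
class DomainSummary:
    dns_queries: int = 0
    tcp_endpoints: set = field(default_factory=set)  # {(ip, port)}
    countries: set = field(default_factory=set)


def parse_network_rows(table):
    rows = []
    for line in table.splitlines():
        m = ROW_RE.match(line.strip())
        if m:
            country, ip, port, domain, proto = m.groups()
            rows.append((country, ip, int(port), domain, proto))
    return rows


def summarize(rows):
    """Group the flat event list by domain."""
    out = defaultdict(DomainSummary)
    for country, ip, port, domain, proto in rows:
        s = out[domain]
        s.countries.add(country)
        if proto == "udp" and port == 53:
            s.dns_queries += 1
        elif proto == "tcp":
            s.tcp_endpoints.add((ip, port))
    return dict(out)


def dns_only_domains(summary):
    """Names the browser resolved but never connected to over TCP: the first
    things to check against the HTML (dead host, blocked, or unfetched resource)."""
    return sorted(d for d, s in summary.items() if s.dns_queries and not s.tcp_endpoints)


def plaintext_http_domains(summary):
    """Domains contacted on TCP/80, i.e. content fetched without TLS."""
    return sorted(d for d, s in summary.items() if any(p == 80 for _, p in s.tcp_endpoints))


def unique_endpoints(summary):
    """De-duplicated (ip, port) pairs for blocklists or pivoting."""
    return sorted({ep for s in summary.values() for ep in s.tcp_endpoints})


if __name__ == "__main__":
    summary = summarize(parse_network_rows(NETWORK_TABLE))
    print("resolved but never connected:", dns_only_domains(summary))
    print("fetched over plain HTTP:", plaintext_http_domains(summary))
    print("unique TCP endpoints:", unique_endpoints(summary))
```

Running it over the full table instead of the subset gives the same resolve-only list; it also shows that several domains (fonts.googleapis.com, www.google-analytics.com, ieonline.microsoft.com) appear with TCP flows but no DNS row, which in a sandbox usually means the name was already cached or the query was not captured, not that the connection is suspicious.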
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 692279c5553e7a91afc1ca91c069ab0b |
| SHA1 | fc846f60a38c827cf36a93199aae2b31461062fb |
| SHA256 | 614599256797fc9aa08f02604b0e0c30bc7d9ba63d9a46142c66a3f3f1f05b8e |
| SHA512 | a91058ac441204387a78e3249a69574a18dab38f81f3c9fa632607be5379f950ff1fdf9fb7c7a1ac4f4bcd296d5af67cd8f968b40349bdb401191c0a225a8502 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | 329baf53d0e3ed72fdb28b0a631b7efa |
| SHA1 | ffc55a7b1eeb73a490ecf68b8b5e3db64e80d9c3 |
| SHA256 | 484b6a3c8c3a2c7cba9b039a8ebd6f8c06b672f3cf9e050dbbbea18993a2622f |
| SHA512 | b528cdb6f235bbd1d87cbc52d01ee40c8d5acf8fb14aaa51d7f22a56becc3854c0e8fba9281180bca2fcc6571938a1a3a7318deddec7681efbc159720c48948a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\TarE6DD.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6f336046660a2d8dff1377ed3ded5c9d |
| SHA1 | b55462cab1b47fb9aebd5613a481d5f9dea7c4ca |
| SHA256 | df8b05886322f57d8d1869d88fc4e7a85e58dac12489249331d25a249aab269c |
| SHA512 | 1b5eeb7e247b7d2c8cd6bb2872e6fb9ce946da95c692beae34119123fd7110b8a634c8b1c4a9778eca611882a68b2f798bdd9952d8b960e0aaaa70ae75a22275 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_DBD1FAADD656881B5EBDBC1DB3D60301
| MD5 | 2a746abd2b1d5cb1b669ce302e66407b |
| SHA1 | 2ce24c349926a11bf7e0d01e3145f4cfedfaf84e |
| SHA256 | fd31a1969670ba4faf90e552b1d41c988067fa4fb658d8a952a891d4fa2a57d2 |
| SHA512 | 633539234c4d199ec28af36589af63980ad30a317badf3d68a8b089fc55a930d8e375f7bd21e26e75cdb697dda63b68d1707e6ba9f17a55a3574452f510048e2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_DBD1FAADD656881B5EBDBC1DB3D60301
| MD5 | 9e69d6f92027bd379f7a9d0e196e0d07 |
| SHA1 | d8d27b21cd87326b10c390f90575830697655e76 |
| SHA256 | 8dfd868db1060adeabc40573ce48eb9265a830955cf74a234c911d215a099132 |
| SHA512 | c92bc98245cdd106ca01c546a333ed14bb0d7a2d8d776ee4885423d55530281dc2b3e19bb334310169afaf3cc10921f909c9af6250aab87065e1908421c462ba |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\www-embed-player[1].js
| MD5 | d2056f8d081fbfffcab81d61ea45b151 |
| SHA1 | 710243082f40626f64943ad3b656400f444d7130 |
| SHA256 | 49fa9b168cc8bbc037cf4498e31c355509e9b438b0d19fcf750b1c5fbd1efcaa |
| SHA512 | 530ca2c291c44d3d2b5869b0ae661ac047748a5cab50de280a2c8dbd26b52cdd71a906b3730e8a849debece542eb919462a8407ef2410acf28c57d2b6068cc14 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\base[1].js
| MD5 | 9178a954abcce420219864651c7787b2 |
| SHA1 | f874d3e998441ba6439cfd7e89514facde08cff4 |
| SHA256 | 40cc1692dd4d8e1c8ed29593ee222240494b872b734c0e31da4628014da7346d |
| SHA512 | 927bf88499cdd64ce32f3780a0cfa88b14fdfbeac6a237454dcc43ee5d56b04754a40dbcba402519637ba1a3b0f948a597260a74ddb0b316698a41559d8e1cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\KFOmCnqEu92Fr1Mu4mxM[1].woff
| MD5 | bafb105baeb22d965c70fe52ba6b49d9 |
| SHA1 | 934014cc9bbe5883542be756b3146c05844b254f |
| SHA256 | 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed |
| SHA512 | 85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
| MD5 | de8b7431b74642e830af4d4f4b513ec9 |
| SHA1 | f549f1fe8a0b86ef3fbdcb8d508440aff84c385c |
| SHA256 | 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a |
| SHA512 | 57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | ed59ab401ec51a0eb0037c573c8bd1cf |
| SHA1 | d370ee0259333b00e0865fd7aa96d54d89daa278 |
| SHA256 | 6efaa575bf2e49e034b1b04e843810bcbc3ef5790e36190abeed4846002c9080 |
| SHA512 | fc8d8d7091ec7c22978869c0be4207014f68ea41bfa49b6cff891aa9aceaf4f4f1ddcf1bcab7b59d0c002534957747241d165c7cea511ef08fe2af8ddcd17cc3 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | 71d04b8b688d99f6509ea86bbf7f9656 |
| SHA1 | a16c9aa295eab1ecd4624097dbb2dd98f7973a16 |
| SHA256 | 478aa5a29fa7a9d64263a369078313e515e5eefcad3bf3be9fd80e0c291e2450 |
| SHA512 | 3aa23992ffcd370d5afd2dc800e974b4946b0f8740725f693d1d84d73a4cbfc954bff2bc8a329f0bd792d12a0e5167d809387ad8f29511ea589153109c4142ea |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | 7959675acc904748db6855351bd66ef8 |
| SHA1 | e3a8730b7a3b0015ab5c2bc19707af0466a3cfb2 |
| SHA256 | d63b0dfaa080557261f1142f78e00978286b8f7801308d5ecfbc3bb519c9278a |
| SHA512 | 4c1a9b3e8b14d518b6f011f6e5115a29f0c18bcbe0d3fbefd8091b7f6d53f556997c713397551d87faecaaf3c43dfefcacc75adc33b22aeaeebc286a66c8bcb7 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | bf3b7ee1ce463285591e3cf02b1bb93a |
| SHA1 | 2d142caf8f17a0cf6799fc974d1ecbe5cb9ee361 |
| SHA256 | d3a09f2bfbc2cf2ece6e4ecc76f6191ad545b0dd3a559752aa0d6181752cd470 |
| SHA512 | 071f625c2d50b00339b718cfbfed2a2b67b6ee6f57448d7b1c2f199ae4ed119c8dfe7fa70b5fb8c49e4bc182fa9b1864a76382a083ebac16ea331829e0dcb147 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\ad_status[1].js
| MD5 | 1fa71744db23d0f8df9cce6719defcb7 |
| SHA1 | e4be9b7136697942a036f97cf26ebaf703ad2067 |
| SHA256 | eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 |
| SHA512 | 17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\embed[1].js
| MD5 | 322e970509e24ab233b6c326a9339623 |
| SHA1 | 10e2ea809ae638d5f32385d05c569922ab19bc17 |
| SHA256 | 99cbd012a57f19a3fc1b412866ba13d6b9de2a5bb22449dcbf14ec0a88937000 |
| SHA512 | 8f8bdc9418feed04e6fc7415e9e57f0934a6b136b1a763e0e39f67efa47e004a8c3385105a1c1dd9fa48ada83ac5a2a93940f20a99d6d16722ae903c93d9817c |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\nOQ6CFFsFLFHJQRrU97H8zc3BH-Y1IdUHHiQ5lkOGko[1].js
| MD5 | 869ac18715dead8f7d2166bc029113a6 |
| SHA1 | 1ef11f05c6068103cbebd8c835b5f18a5eeb4002 |
| SHA256 | 9ce43a08516c14b14725046b53dec7f33737047f98d487541c7890e6590e1a4a |
| SHA512 | c3b71aaadd710e2137c3866d8aeaab6ad1ea34a44c5d77e01034242d256f7a1256d8379a186075c969aacada840283997915a6597d846e2eef530b9d797d219e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | 7a4aa70d012ddad9b304edfdb9dca396 |
| SHA1 | 10ffc30424ff02489d71d9d51a92122ebc925231 |
| SHA256 | ecf7aad9d53a687a19024031f7abe318ff5d0d3dac44a028f2a18a63326291bd |
| SHA512 | ed98a8c31185f879cef87ff48364a0165769d526d1fd34be6cdd7ca81e486764d8d1eee5b20e147ba1f5bbd163379e4a56588d37128bf19d92c2a7594551ed10 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\remote[1].js
| MD5 | 9a260ebfcd9283c905736047a6710016 |
| SHA1 | abf83fabe75adada9ac80f1ea7478541a7af32ae |
| SHA256 | 2bb23e82fc1dd04738a92658823f00ba143cade8c16ab948bf7778fa2707e352 |
| SHA512 | ea0664517a12754450d940f5dab26e14cd3b6e30219b65354465f13faf59649b709131836c660096244e3188f425de428ef53c1d21bccffcdb707f39479304d3 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | 06de50cd1d35a81209359a2ff0451986 |
| SHA1 | fe4241b75109e908a4b377ff710d0cb8eed0cd5a |
| SHA256 | f72a5964fa5af63eb4b64eec543a934fcefe10e5b9bcb5e2b94c26545ca39d0f |
| SHA512 | a1839a67716b79565c3ff7b4488df06ed0ccf4407d53edff12bd5d15907bab369acb55622842162f90251af5dbc5d2e3acf763a63aacd5198e6e7b6f147c32b6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRGEHVBC\www.youtube[1].xml
| MD5 | 164242d0ef8b00e71d80cbc9ea0e8e0f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-02 06:45
Reported
2024-06-02 06:48
Platform
win10v2004-20240508-en
Max time kernel
145s
Max time network
140s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8d334db438fc613ac708be5ce91f8f79_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4d6946f8,0x7ffc4d694708,0x7ffc4d694718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,18382456398720845451,11741150183444170238,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5748 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 596a502ad69654a8e03060444615a74a |
| SHA1 | ce799753888d96784e0423c94cb239c6f2a46791 |
| SHA256 | a4e5ccc7b3e3c51beb3d04cc44f670aaa1083ac9907df85185d03b4398d5fc80 |
| SHA512 | c0ca458852bb8478c3cf951c0952def7a5a3852e9d0aa43c1a10e3e77333fd59970e71c72dbd5db3ebddda45ccd4e9c9b5e18f3d787fb6a1d4c1170b28737b4b |