Malware Analysis Report

2025-04-14 00:17

Sample ID 240602-hjsrzsef35
Target 8d33e768814272b65e47b5d3c6176276_JaffaCakes118
SHA256 ed0df2eae504243e2651b7fdd43956df5c9321ed5efe765fe96a1f64db427021
Tags
Score 1/10

Analysis Overview

Threat Level: No (potentially) malicious behavior was detected

The file 8d33e768814272b65e47b5d3c6176276_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-06-02 06:46

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-02 06:46
Reported 2024-06-02 06:49
Platform win7-20240221-en
Max time kernel 145s
Max time network 149s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d33e768814272b65e47b5d3c6176276_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d33e768814272b65e47b5d3c6176276_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2892 CREDAT:275457 /prefetch:2

Network


Files


C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\2134135749[1][1].jpg

MD5 c846d1e8a9fb5738a5bc23ea9fc660ee
SHA1 4728dddc31ffa0ca627a09a9b0f4184fb1ec5b19
SHA256 59b3bc7699156dc06a1b0acf06b402a3706168bac6fea06f38ef766c46b80eeb
SHA512 78ff08ca7c8aee0696d582893a2d20a35f825d50d704f71b730fe961f4f85eabc9382fa7d48ba49fabfda6f165f3e2dcb6b5d83491e66af93186cf18c75f73a4

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\Ready-Made-Frocks-Collection-For-Girls-By-Pehchan-2014-9[1][1].jpg

MD5 f3b101cce9610491ff24cf5c98aae8e6
SHA1 4c2d382bbeb02e9baf41166d515eb1789138caeb
SHA256 71f5c8f37329af611a7ce7279acc7f12db3fd6e3146aab9e4b9904304a19c0a6
SHA512 90fcb2be218f98075ac3067a7726afce249eb56319e98ccb41d4c01bebcb76d351ba03e4b2104efa465770fc3912190d7527dd9eea3c687e97d2834ab9c4b4c9

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\Latest-Mehndi-Designs-For-New-Year-2014-1[1][1].jpg

MD5 50c0f09e48bd2bd28f2d0fb7e12ac8a3
SHA1 23b4f03b0a47b8021553cff8d1fa7777d1038a46
SHA256 3bcb4ca0a87b177d91edbfae82fd30d762996daaa2ceef7471fa79502a1bd5b9
SHA512 b47dd514835c5e5cfe54e87ab53ff21451b779c2d2fd594ceb835b91ec44c29ee2d7dfd364ffd94d28b6f0b7b4c37b33a623e437f77b1372f840f87153b6387a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\Latest-Bun-And-Messy-Bun-Hair-Styles-For-Young-Brides-From-2014-1[1][1].jpg

MD5 97aa52c01e7496db260996ac80fa594f
SHA1 eb2c2bfedeaca8b664e4d69c15b6d996aa64bd4a
SHA256 99f2e42f064de8e4fd9d592093832889809653ccdbb34299595710f977c4bfa6
SHA512 60e5fe9cd9638f5fd66aa7b77822096151dcf0a003c8f910ffc9722d9d232712b4ccab339699c7f04a987534db2ee1842f6f1cfa8b8a3a52a2c0653968634059

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\Latest-Summer-High-Heels-Collection-For-Girls-By-Unze-From-2014-1[1][1].jpg

MD5 e3a179b36b0ae5111d24accf1cb7e9e5
SHA1 a3494168b20ea3ce856994e9a33892a5ce3caf85
SHA256 17373a0f1003896b5f10ee4bad8feacd15dde8e22e9737affbe97bad153e87b7
SHA512 527990672a0b76f92e291a49da3bfcd9c73e4a14eeee81187e5315f3c18eb61ee61d4b99b2d17865d7b971c0b579fa04d149126d264f0c5ca8786ceb933b0c6f

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\Long-Hair-Styles-For-Women-At-New-Year-2014-1[1][1].jpg

MD5 1229992b00f19b19199436f2a14c61e0
SHA1 3486ff9bb6e5d21112d43dfdb148354bb0cc5c31
SHA256 42fd2cf6d782ef4451297f2a1c6090ea4daf68605f8ee272ad344b8ace4ab1ca
SHA512 4d2dc682bb8b46da36e8411bb33771541296f4e092b29ae0572052a7ddaf4b803b7a18c73253cc90fde88586804958681f65a3569ae573f662d027c4c6577a8a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\arrow_right[1].gif

MD5 4f97031eaa2c107d45635065b8105dbb
SHA1 42bda037423c40045f7852bdace0e657dd94ecbf
SHA256 fb57165d255438328c270b4fd85a6873c65f61a6ba64eedcd2dbade61386edf4
SHA512 cee33327bc5f5f34aa392ab2ba3df755348f1279ec10cf18da4119f3a5884b5a4304228b8c0fa2d35b81ed166874efebaba1503d5685cd089ba5a4e86898b99d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\arrow_down[1].gif

MD5 3b2441ef107848e00feb754f18dfe880
SHA1 8098172ecdec9b8554172f028e91c7a30352bfde
SHA256 ebe34389aa08d8f4494fc8c0c7e8a90029e7092d9b857ca635fa493999716675
SHA512 6bd089121f9d60150ce194805e48ddca7e05337eda40413f0f7a9a4a7eb51ffb69ad04d1045b3a8bf9704c7e7bf6606703f1ccc431ad2f734fa4b3eff0072e54

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\batas[1].gif

MD5 5b5bc61d7b5c90d91dd6a9e681481e2f
SHA1 773779311ddb80233f5700f60e4b675f96c9c0f3
SHA256 dbe40fa96687ac16e7d79ce7d0cada9b5fbda6a3021a79c0681e8396211c04a0
SHA512 e3d8144000a16673bd6f2a7bf9c2385047aae4f1aecaeacb32a505c6964a701b7dacfeb91f5e446f2630e2e670b66eaff98fa7de53132f6156487f640b8e896b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\mas-icons[1].png

MD5 7254aebcb28e58b107e3061e58e3d566
SHA1 f0caf3ac71e6befcc4f71a0a2b9d3a17337639c2
SHA256 e790c0b9d9e105156cd6b11826164561836a5687632c6d2eeb5ced4cfa883fb4
SHA512 64edae8c9d4f757b4bd8414032168dc510034267b08c22b76f6896d6ae91abf88329481c0f1f0aff862a30ce2ba9ca4d00be253b02dc34b3faa10ecc5cc1e737

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\dnserrordiagoff[1]

MD5 47f581b112d58eda23ea8b2e08cf0ff0
SHA1 6ec1df5eaec1439573aef0fb96dabfc953305e5b
SHA256 b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928
SHA512 187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8A9A2DI\NewErrorPageTemplate[1]

MD5 cdf81e591d9cbfb47a7f97a2bcdb70b9
SHA1 8f12010dfaacdecad77b70a3e781c707cf328496
SHA256 204d95c6fb161368c795bb63e538fe0b11f9e406494bb5758b3b0d60c5f651bd
SHA512 977dcc2c6488acaf0e5970cef1a7a72c9f9dc6bb82da54f057e0853c8e939e4ab01b163eb7a5058e093a8bc44ecad9d06880fdc883e67e28ac67fee4d070a4cc

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M0HR0P6\errorPageStrings[2]

MD5 e3e4a98353f119b80b323302f26b78fa
SHA1 20ee35a370cdd3a8a7d04b506410300fd0a6a864
SHA256 9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66
SHA512 d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M0HR0P6\httpErrorPagesScripts[1]

MD5 3f57b781cb3ef114dd0b665151571b7b
SHA1 ce6a63f996df3a1cccb81720e21204b825e0238c
SHA256 46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad
SHA512 8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-02 06:46

Reported

2024-06-02 06:48

Platform

win10v2004-20240226-en

Max time kernel

140s

Max time network

153s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8d33e768814272b65e47b5d3c6176276_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\8d33e768814272b65e47b5d3c6176276_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3940 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4124 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4800 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5432 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5516 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5900 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5060 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8

Network


Files

N/A