Analysis Overview
SHA256
28b57b236001cce636c9cdd949967052b5702ef10a52eb27842605fabb0e64ad
Threat Level: No (potentially) malicious behavior was detected
The file 913054e9a69aa5ff7a0e75a19150c9ed_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 08:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 08:52
Reported
2024-06-03 08:55
Platform
win7-20231129-en
Max time kernel
132s
Max time network
139s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
|---|---|---|---|
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "29866" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "31651" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "32142" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AEBED921-2186-11EF-910D-CE7E212FECBD} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "19644" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "21926" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "20141" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9824" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "19562" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9736" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "21920" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "21838" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "31645" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "41469" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "32142" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 808e328a93b5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "31651" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "20141" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "41469" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9736" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423566648" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19562" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "21920" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "31563" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "21926" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10315" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9736" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "21926" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = [value removed] | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "21838" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
|---|---|---|---|
| PID 2232 wrote to memory of 2376 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2232 wrote to memory of 2376 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2232 wrote to memory of 2376 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2232 wrote to memory of 2376 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\913054e9a69aa5ff7a0e75a19150c9ed_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| NL | 23.62.61.89:80 | www.bing.com | tcp |
| NL | 23.62.61.89:80 | www.bing.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar1DE2.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24
| MD5 | 3e455215095192e1b75d379fb187298a |
| SHA1 | b1bc968bd4f49d622aa89a81f2150152a41d829c |
| SHA256 | ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99 |
| SHA512 | 54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 7a420d561dde5dcf926738a7468926e8 |
| SHA1 | 75598e2144bd981ac946977bf574caf9888dccda |
| SHA256 | 66f65d1c459bc33ae62f9f255a0bac79756563ae8d9e05c0596c125d61c5a80b |
| SHA512 | f5b684a9db3311227aef5818343c4c8eda18b061107b24d67122fbc8b56d9132db5621d1b7c8192ccccc0d8b99db63ae44274ace69058526094c9016e81f9960 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 14a091df5d7ad4ed50834359cc5b3d38 |
| SHA1 | 1b8c9a4e2504a79e5810bb08b84a1ca77f06d323 |
| SHA256 | aebef2e68c9d1377ad4f4d5a14b88807c1f9b346ff0ff220dd606efa10c418c3 |
| SHA512 | b08051f3816110991ab8bb384b5d60ca1552347b14e7185364db3745c5ec039591601cf99c6f730746d257706897f9dd1d4a8d0a9e1782eb44881ed4c1161bed |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24
| MD5 | 8d7cf7ba3f3b4e475b7b7af502b6b964 |
| SHA1 | 2f4943f314071d6f46fc30f152515c504c3a3c79 |
| SHA256 | ddcdb23a6d7961b32b9af02c8db265933bad89e09131727321f7e7f890e198b8 |
| SHA512 | 358a4e6296c21b2c177c63ae9d2659fab316977d3b31999c1370073e292b0aba722dfc10d7d8b49ab051c2f1ef4b67794aec7de669bb9e5e9e077a35f35c09d5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d8b497afee32d8c2c0c4de9631566e24 |
| SHA1 | 1d95a9d6f5713df306869005ee8de817cc74f0d9 |
| SHA256 | a1c5d85291dd490bbd01e3c1ad8cc991f787aae58d21e2b24fc304220b46b0fd |
| SHA512 | 48a292a0dd4faebfa3c5cab70a2d23dd00762e740964dba9df571c647649f49c84cd995b0a804ca71f6c5de482c15f47c2ecaaa7cc6289b79c68b0ae7e8a5962 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 76577bfc24396d93b6fde8ab94918ab5 |
| SHA1 | 99bd44abc875cf1baafaedfc890463281836e9ef |
| SHA256 | 1dee5c9c1377550c6ffd353209a102ae4a78be436f98b09d4510813ad608b2a3 |
| SHA512 | c4fc508429b90d02af3603cdf40658876a5d85b6c5276c0d2e5215d023230e5970e3d55042b1641a4262e658353734b6dbb4b62e2df95099ff421bf9053fcbaa |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYASLIJN\www-embed-player[1].js
| MD5 | d2056f8d081fbfffcab81d61ea45b151 |
| SHA1 | 710243082f40626f64943ad3b656400f444d7130 |
| SHA256 | 49fa9b168cc8bbc037cf4498e31c355509e9b438b0d19fcf750b1c5fbd1efcaa |
| SHA512 | 530ca2c291c44d3d2b5869b0ae661ac047748a5cab50de280a2c8dbd26b52cdd71a906b3730e8a849debece542eb919462a8407ef2410acf28c57d2b6068cc14 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYASLIJN\www-player[1].css
| MD5 | 6e076abc1095221e4e3e21dbd9d1db4f |
| SHA1 | e908cc0f7829aea16b42d8fec6aad567c41f587d |
| SHA256 | c7e69ec7e436426c5edb45bb5fdd943623f987ecfdb86413528b596e5b0888e9 |
| SHA512 | 3ceb46ea8e5d5abca4a1a053f20b38ac6d6c9ee60594da54122f4ff09422495261dc9356d0ed0c240ba44324c37bde120a90655b2ea40556280df674ab44fe2a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYASLIJN\base[1].js
| MD5 | 9178a954abcce420219864651c7787b2 |
| SHA1 | f874d3e998441ba6439cfd7e89514facde08cff4 |
| SHA256 | 40cc1692dd4d8e1c8ed29593ee222240494b872b734c0e31da4628014da7346d |
| SHA512 | 927bf88499cdd64ce32f3780a0cfa88b14fdfbeac6a237454dcc43ee5d56b04754a40dbcba402519637ba1a3b0f948a597260a74ddb0b316698a41559d8e1cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYASLIJN\KFOmCnqEu92Fr1Mu4mxM[1].woff
| MD5 | bafb105baeb22d965c70fe52ba6b49d9 |
| SHA1 | 934014cc9bbe5883542be756b3146c05844b254f |
| SHA256 | 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed |
| SHA512 | 85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYASLIJN\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
| MD5 | de8b7431b74642e830af4d4f4b513ec9 |
| SHA1 | f549f1fe8a0b86ef3fbdcb8d508440aff84c385c |
| SHA256 | 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a |
| SHA512 | 57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 65ef7d86246b27cb79a465938b53986f |
| SHA1 | 46aa00c097937faf9f3c85eb15d66eaa05ae6014 |
| SHA256 | 8e091e6ce0db4a6de51030638963de7b8d9c686f9c94df0c59fd00f8a03adfe7 |
| SHA512 | 26b22e5f6bd02f824e92bb05d20086cfa34d593dfe020b409e5af036945fcfad207943de1e7d2f58f07f782252d817b414a21e281f344961f9b8b25a6c4bdb4d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YU4FOQND\ad_status[1].js
| MD5 | 1fa71744db23d0f8df9cce6719defcb7 |
| SHA1 | e4be9b7136697942a036f97cf26ebaf703ad2067 |
| SHA256 | eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 |
| SHA512 | 17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | df2980765acbd53463c6f06dc134f618 |
| SHA1 | 43b5d1ae97e7cd7cc6b13296fdde39f2fd64e46d |
| SHA256 | 00dd7097abcab18a01c66d265adac2194b4bf822f44ee0644c20f5755dca04b4 |
| SHA512 | f95cf47db7d4e90fd0dcbed23ce18576afe2388133185ee320d2c901a30de8df3fe0edcc3140194c85dab8888b6ef700dbded93a69ffc6492178c1ba75f47810 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9I620M9P\embed[2].js
| MD5 | 322e970509e24ab233b6c326a9339623 |
| SHA1 | 10e2ea809ae638d5f32385d05c569922ab19bc17 |
| SHA256 | 99cbd012a57f19a3fc1b412866ba13d6b9de2a5bb22449dcbf14ec0a88937000 |
| SHA512 | 8f8bdc9418feed04e6fc7415e9e57f0934a6b136b1a763e0e39f67efa47e004a8c3385105a1c1dd9fa48ada83ac5a2a93940f20a99d6d16722ae903c93d9817c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | beaecd3c6af2d482c55f28bb4b094e01 |
| SHA1 | a2783c58bf95e00b794fde4ea5cba8546572dbbb |
| SHA256 | cd4fa25fcec0457a9b63572b144c1c793dfe99a521c96ef591f5a430303832e2 |
| SHA512 | a6de6f89921c969dcc29fda9fdfbb1958ede02bc9695ed634caa38cf2434f26b33c2d2d13223e5fbb8c2086eec92704cd93b497171e6297b9b56f30fa4382ee0 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 28a4fcdc4ebc9d1035de241cc320f4eb |
| SHA1 | f2def054c004a8a0740b57e43886fa82b4ea466f |
| SHA256 | 637feee2eb11aea7aa4d59c4791f08853b15a6a81e35a3756c28fbc4a1d35e84 |
| SHA512 | d7193cadaf2d94bfb227591b64addfa757e237fda320a0a698117edc7df997037a421a5a267f704600446264653fc1769fc2bfb074f41cdd80d5c440667c35b5 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 50548aa63882a3d407d83be796b8ef29 |
| SHA1 | 88b15bc149ee0b90718d78fec095d9af5942f476 |
| SHA256 | 7a3450e15b6511cc2b4e5891c5d14ac218dd8d9ea34b8fa207706ec509024e4d |
| SHA512 | 44b18cb89f0e0c4ba1d1b3c72659e97c476c37f7b19c3888b9892c78e032b06e406ac6cc2b8decc12cce7547289d293bd315835487c13759466d20f726fd77c6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | eb41611fe1a6291f6f62d5515f0de90b |
| SHA1 | 69232091c169d8f6d01f0892681d98890371e8bc |
| SHA256 | 4a118bd8dbe9420d8ca9a4e9035f0a63e191e0edce32f1d2ee92b4796439237a |
| SHA512 | 9e24679856ece6fad048e016553c6e0531ece6339b1cb9fd206eca5d1c6a01372a3f44842dfda3308f52ba756c53ea180bcc562b5979f39a0699deb08808d5fa |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | e8835f493216830f6fd595dfbef906c4 |
| SHA1 | 736098d459c9f90d8eead492b9b5acbb5b8735db |
| SHA256 | accc70dc0fb78ff0f561165bcd5c2fd8ade1fd9eddece4099fcf60b4c54107d0 |
| SHA512 | 14b4f7ecfb6f68e863dac575e2ef7212a6dc96ffc2024952e5c6784b6fdade235f5b0ba9bb0922a499e81d3ac8527229f1f47ebd0638d48d02953abe6cdc191c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 58c55cb8e0bb7e954956646265993d75 |
| SHA1 | 8e18ee5a83cc67dc3eb120dfb875fb168911fb19 |
| SHA256 | 01d9ad0c55db04eb26b401282f8bd0eddef1b2ce841d1aa18ffa669405316759 |
| SHA512 | 3136503d1ec5bb9f76236597087da38f026ed9f9153651c9e801eab44c408c1ed5cbf984604a6f829db0dd50819394d98354e775a02bb283696ef5e74ab42050 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 9ec4e64e696169244a6950b673a200ee |
| SHA1 | 25f49114b48ece9ee0bd8d642209eeb953525ca5 |
| SHA256 | 4c2c2b8e913f773ceaec673bd23175e2d1fb1f9ef4e74072d31125c142dd667c |
| SHA512 | c3ee1b2165dd5f0f12560914443d5bddb98b42d3b4af7d0442a1adb61fd6319e0ca7873b74f40be75aaff7526ba22addbd01a6090e752197641d6ce2e1d54a5a |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 597298fcbcdece383085ed172b5c3d38 |
| SHA1 | 92e351abb51ea80f8f4cc3a08efdeaf2f1aac68b |
| SHA256 | 71ab2938c8b180e2c211b70392dbe4143fccedf0286176490002bbe1bba44c26 |
| SHA512 | e141f6ba4b81ab771f7471592f435d0f6b31361eff860214aa6f9070730625c3cfdb7e4c31eb34c96a0e3de977af4baa975a4882f9fc3e2f8ca844e8b7eda557 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | b97aa13efc2f5737d418c53149cac80c |
| SHA1 | 9ca7597a5d18eab42da3cba76958e2176388ec97 |
| SHA256 | 26f7fa7e7c8a9332982682ba04780bc40c3309cd8b81985458399756dcdab18d |
| SHA512 | 8355e1996f3e707f66a3521d41c30c48d90c0eb9d3d35424103dfe6ea142b72219ba7424410055bcb66854c44375dd5ff12dff732d19ac8315174ab556c484fe |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | c7253a715b6172e77a4eeb82924e2262 |
| SHA1 | b2573aa115a465fb040be7b3b26cb8b696b7e977 |
| SHA256 | 5e5aa0c40c79590627965627a4e2e2b8a88308a6f14badc8ee18a0d6b80dfe0e |
| SHA512 | 869467257eb0410655c351f8290da27599aafd0f56f19d7947e30e4f3d538f8844955fc3811256a2e68064d8df3197ce559634f9d94528e60981d82491547fdf |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 62fa51f3a9212523bbf7a7d87dd6e33e |
| SHA1 | bc0bfc508901086497ff2189dbf3bb011a2130a9 |
| SHA256 | 9c3f9c4d75576c56a8e67d75f878e262b514120f3f160be40dcb3899adacfa28 |
| SHA512 | dfe5cc5c260c7f3539050b883402fc25c14463b85ed0e4f2c3a5a050ed4adca8f50f2c4053a37d4e8d3e9b62f5a42febd4b49cc9ed8ca94b68d10f22275f07da |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 1fb7f15febf44cb75b7fed3b82cf00dd |
| SHA1 | cbc8e4fa107076f0e3f95d69d9f41cfe969cdc9d |
| SHA256 | e50d745ebff180dd350ec17414b086ac0807da60b4b07c858f8dcb5a112d1ce9 |
| SHA512 | 15633b269a4fe8b168ae254b30140db45faf8b14c44c698640b2b566a321132804edefe940a5ca98aba5204da91204999ab0958dade586d618acf23b8f7d28e1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | e8386ca98cb97a8493fa12e9976bd9da |
| SHA1 | 3a86c10f60f78e0ae07bc7b7247aa18fc61a3afc |
| SHA256 | c13a5140d9f3ee828eefe8b1cc660b3b46a3e5ca47140ba17b72805cdc590665 |
| SHA512 | 0ce75b1d4346d07c6eeff991c94f29dbb208fac06fc89356522c7ec72ecb57e3d3330d488a65d95ed10297782dcb7c72d5788c213f666cb4345f0c41139c0820 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 41db7d64d125de31180740ce20ed735a |
| SHA1 | 7a2c7e2d6f3a1713f3ec2d4cb61fbc4d7b806e04 |
| SHA256 | 4446f804236ab4c52d4cd7d54928d22c72ebb79e992f764bec7c995fec67973f |
| SHA512 | cd0cab26ce33e5a37981622e750de5f94ff85faa1b0a9ff0871d202911f62d63a05fa7cea5bc9109142143cae67ccfb7c556e458ef4edcfedee29f2ab72a1317 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 16efe83ed056e6ff161bff86eda988ef |
| SHA1 | bf9183241317e2ae3fb731c5501fa4f64d9dd3cc |
| SHA256 | 1fc51a7a40ccefa20258342d05925a13d34815955413e47024ef1bafc4d33813 |
| SHA512 | 1cf03653a17710c0d9976d297da7845a88ff13840ac2a72ede20ab341b9f301300909f27b649bb41675b21edeee68545486c75930f170fe248b291d914fcb0a3 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | c55548a3cd54185673a5cf81aa16639f |
| SHA1 | 751b69899e0dcf76087d82b233df1b015eaf17d1 |
| SHA256 | 0c76d2d7fd59f6bc2d4360f2e8846a4cbf2f8438d52906e5c066bccef3e51c82 |
| SHA512 | 20c3c93bd4e352300010a2e6c2a75f9e722427c508b2533a6b406e6ef25c600321c9de0ea12e25832ab7071d28f47f82d58b73962ec361dca3c619dc8f7d42bd |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | d502c9bd3ed2a049c9ccaf5ae5c41686 |
| SHA1 | 2ae8d55d1e3035e8ce9aef563d15865edc22f829 |
| SHA256 | bc6adbd2e243c389058230e771907ed64d5d3e902a739446857b75d02cff638e |
| SHA512 | f7bf3dfcd850c9775cfde12eacba761b6c97bf1f1f10d219d7f5bc55bc8a85d278f14ad5c8e6b181868910c3d7209b7ad84021551419c803507ea4d3ef89debf |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | f2126279e967b84dae5e18ef91ddf169 |
| SHA1 | 4f806c279e152869154eb346878c12b26cc466c0 |
| SHA256 | 2ed4bce95aaddb6f1db5db936827f1a979dfda3b883e09ceee14d82aeb249a86 |
| SHA512 | be75458c5e3d6f75e67acf75dd180a57dddaeabd09b0272c361d2c29941b404be8da0b8c2d1fc6e43923864f80b2a6977f90711efa013cad82319d8cc90dc239 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | f16db58c611092d75370f138d62d3896 |
| SHA1 | 826dcbffc28891a4440091a9452e96f417565ca1 |
| SHA256 | 8e30abfc3202cbbecd49cf0d8613b2f503ac1f202eb02e5db681056a1bd0d3bb |
| SHA512 | ca0816f089ead4980e962d255c1a6ab20aba4a4cb01a91421a9cee7ab9291ec6e7596a28a1d44f9adbfa48881884afa93269544b0e992f029733319d19bb14a4 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | a0a1153c616830bc73371335590d7da0 |
| SHA1 | d99954b3d3a73571ed101bed0e921552ef8353ca |
| SHA256 | 977dd589be9de77287012a6fce49890142cbcede66bc796542fd32e62abb8558 |
| SHA512 | 6fc9cfd20ba62aac1bbca872a64a9fea7b9aeac651a339b29d7c1f42dca69b2b34e6c4fbc60f27586f6715f96f7aa5b6adc3c205073679d7ff5e96e54108232f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 95a3cf309682d97a3da0723264168acb |
| SHA1 | 58390b2f73c6da252a2f9af72b46af996fecf53e |
| SHA256 | de9fef330fa5e20b8104f6be20cc7f3caf82773360e9b896f1f9a063e5843bc7 |
| SHA512 | 42d35afac3253362273f9764e687fcca532d6cc84f3619188c94e70c161c3610294af38a08305d2275665dfebc1c96e3dc0a7fe39d6dad3200f3cf0eb7441d81 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 30473c425259d186e0461fed04099241 |
| SHA1 | 9c821e3d67f7517ebe54148ae8bc24092b5d9819 |
| SHA256 | f17e13a4d49edf1bbdcfc3e842fd68274090c49b2b28500391e54dcda5aab248 |
| SHA512 | 1e14c9131d809aba6512b0d4c04c6fe4ac0ea97165c4705dcc8edbd7678076dd27ff863c0b4e560e60c5c76715346aa975a83f6e2e7953c8909cde7ba2b1d601 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3e88951da95bf6eb00e86dc4a5853e49 |
| SHA1 | fcf9a2e8b5806a010769768ecbfcd03a3b423f6b |
| SHA256 | bc890794114bcd02bfdc5ca7aa2b81ec1fd8ea1a7e8f6e5d3be1ddad0f7ce580 |
| SHA512 | 67fb51dc105a7e2c5f2733121423d87a91919756e94d4448d48cc351363a032ecab696633b4d795dd3e452a5dea70962f28a50c9e05cf888c378b5b394879872 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b93074aec3b38364ba7b579c914f19f6 |
| SHA1 | 8a6bc5c2f7e7b28fd05ccfba415de206052b7738 |
| SHA256 | a315a94aa768b326e52a89b4180a37d9ccf44f8f75be589d649890c5a0205550 |
| SHA512 | 475111e2eb1bd1224b4b1d2eb34d72dc5c0cdb64909f55d970406aaac33e611b8cc30a1ed683731d80f9a5763ccb3358a81eb63ba754e9c28aebc31cb6c7638d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f7ba9a69c442c4b65147046225a77d2a |
| SHA1 | 4fbc76acfe19e3d81a4369e29f7d39d898e29a35 |
| SHA256 | 41012256f0b0276230711b5785a46fc73ac0856396ed6bc396a576559f38ba9b |
| SHA512 | 79fc12081a32325ddc0041f079c4164294af90ae6093b4906723387949e6d2bb05e6e9c30c0cabf1fe0fea00f5ded1e6559e2e029986ea2600ea9645a0a6abdf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ba0eab2801a4fc67c22324864e0bf0b3 |
| SHA1 | b6ebbd4588a303e55245a562c6a94c204794e6c6 |
| SHA256 | a52efcac8b4fa7b57ed856cc727141e29046accdda3f1f97392ddf603a801b55 |
| SHA512 | b5a2f5c44601a38299407a74c6ed48af5da1db4309684a0fe4456f4d21e47f426e97fc769a3df54afb23d8a4fb11b5e0063109d86636030384faa86bcc770b0f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3b2590b7a65a56dab45a50539390a959 |
| SHA1 | cabec74dd1a29d497d3acb6a004c9b867645bdcb |
| SHA256 | bd4268a08afb69bbf07dbe13aacef5d349e6a02579e4abd63a909b9c9a4bdfe3 |
| SHA512 | db4df9bdcf9b826d65202f4df9a46cb18f0cd56c98b4f5d2ae2b1be7dcaefd95b7e87cf6db4b0cf8f182f9d90fd69f14d58c8fbd0b26be510c3855f6dae4a3ae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b4d7d22a8eda8a26a4c2b9e592d58e4c |
| SHA1 | 5a752aeee50da4e2e9bddecb3290f85fdf26b69c |
| SHA256 | db8e23eb378db601d4dafeab9892dd425097c5f6734f93939783dd150dea17c4 |
| SHA512 | 0f2e9bd0c0f85822c33f253e72f352779a68cb6da1341e8ae37d187496ae97aaba56530440ea331b09395feaf171de6a4a73f80e49c7566e56a81f1e0bf035ea |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 0ad7c93e05eb1e352a7a1fa933d0d488 |
| SHA1 | 860ec60111c8d8e88dfc5d8666a6877d3d50a8b3 |
| SHA256 | e36ece199defc4f17c7df93b7ce9cf36f8bd705e0c3029163de3dbd8e949cd3e |
| SHA512 | 00acbbc307e8c98ef1915fd7ecc6696c1e692b343c45c62c1d52852ea2b33ac2c149257215f6bf8aabbe158ab16199644735ea1849928e6b3e25fa6b0eb8d3a7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f407e6b688b606a762459b03c4d8fd14 |
| SHA1 | d0d6f4929fab8693117dea70bacaac7d83ca4541 |
| SHA256 | 11baf478ac27072a31221524879b07420698e7e2aec42acb40c8779b77707ce9 |
| SHA512 | 7755200bd1963e30bdb53f404ae7a65ca771b7b72906015525c0955f7eb9a1823752c5a1a3db5ddbd4077fa4982b11353060d0c1407077de5264db44f5557a04 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0f3b95ec83af3e0d06d23eb4132887dc |
| SHA1 | 05720509adb1214221c6b66afcd92ad540148146 |
| SHA256 | 1cd3b0a719512ee6f9b7598b0fe4d519dba137c833212b3565b2846ef36e3208 |
| SHA512 | a58ba3c5fb480ed38695b6fa1d2d042bc1621e104a9eb7085ca202bda76353e8370203a0cba831a75a41c58bb44012f62918a2bd90c20463438da0179b714ca9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 789820176bc57047c76439369933d68f |
| SHA1 | bbd72512594f93db17582d4b6abfb7966090362a |
| SHA256 | 82358e36e2d020a846635eeef8c1cba944ab14356425613cd9990c10c5555335 |
| SHA512 | fb696edcc4fb05295e98ae8c04f62b6d3f6a5082648d8762418fdfc8e292ccf04fb6f3903ee7c503b81c626be9d54508e7463ab8fc54147d943082f62e4121db |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | b39e36b530c6dd6e7bd8dd755d02c059 |
| SHA1 | 123514925fe0c8218ff9d0a5650957bff085526b |
| SHA256 | 7d45236bc2dee8541717c2bd01e2875c2c396da69dc7305b9081b11e52f5f841 |
| SHA512 | 5265ab7907991e665578f294a4d0ebe17fa7a9096584758785622e771cbfb5409465a7d46db9e1133a1e9393fe9d0489c6924c938a9f5d14b620e8fb62e1fea8 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | 0a100d102cbbaf030cc84e0995868c43 |
| SHA1 | 409e5d6f79d5600d724333e03202e7f1219e3f5c |
| SHA256 | de235380aa9269b85a58346c70dd494b5ac274d44120465179897beb3259ff12 |
| SHA512 | 3101c093ef90fbb51ab49a02befd341b5b80ce58a86cabe67ee5a30c9b25d231a7927a966ee235ed7ce3630e489957f3411d2a867823624fe86f37a44bcf8527 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BKVTGO08\www.youtube[1].xml
| MD5 | a9b2c8ba712ebe9a07087cbab2735f1d |
| SHA1 | 785fd26bb6acafa384c4d319656c492f0f44434c |
| SHA256 | 7a4144e00bc305108a37037cb06b9f385f3dee78cad56c38fc04bf3494c5038a |
| SHA512 | e24efd40927c54c224f8d6732e2337f50f92c3557370a0ee03fd00921896779ce57a25b721ee75d4e4600da732706e010a36fd397000654844eac03ef17e29b8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
| MD5 | da597791be3b6e732f0bc8b20e38ee62 |
| SHA1 | 1125c45d285c360542027d7554a5c442288974de |
| SHA256 | 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07 |
| SHA512 | d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9d5bdf8265b092526ee01ea34ddbf94b |
| SHA1 | 19dfcda908e3d562e2a2e412128d5183fbcf07fb |
| SHA256 | 5e55c2789002849dc8cdbbb505877c9e706b0349654b13830bb551e478d8b950 |
| SHA512 | 758534f85d6a7330091089cac7cd41d296a4941485e2019612df88267bbc07dcc5fd0ed69ab8cd522ea43ac0593b37937181ac77c15d970ab1c80ba59fd4c6ad |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 65c6fb573285114491853838dc412b6d |
| SHA1 | 80878c335e21c5b0082afbd5949ce281c3c42264 |
| SHA256 | bf3e12df5ecf4241fd5d59cfcea637c5c27a21ce61881dfe67a9640a0bbe83c3 |
| SHA512 | 0f55e30073d583f1f7a86fda65bd42a5cb0956fe72acce30db746f17e0614950dbfb081d27f9589fbf6e55e02d8f9958016ad74bcb3fc2fa09849cbd4284b4cf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3eef695d4a57fed69b6c4983d5c09158 |
| SHA1 | 0e8c0dc86310ceefc1ad3215deed95d9a2adae09 |
| SHA256 | 227ff4bec10993eb3d25bccaa14d3676cc0da4320f607e863399a2e71d471ba5 |
| SHA512 | 701aaa823ce57e4614af142795838876c4a386fb08b303abf82b6abe17070206a7523dfa460b37ba47f1ee3614e5ebd7d8698527183ce9b7b9af4222d43591cf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d12a321a8db5c3591fdaa8a580c14715 |
| SHA1 | 2d0ae5a0f90bba62637f089cb2451644960a5a84 |
| SHA256 | 2b8d1725266e16a0bf1bcc6dc14671442620595f1e2d965bf6a7de0e7f4dcb0a |
| SHA512 | fb31ef0b4d47362070d8ec2e50f56433293e448094339311a6f18f57ca4f3a697a1e516263b450422472b72f2f9333a916762226278b3318c8b25c5d0a51569f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9ff3cd9cb1715661cb55fb945602a4e0 |
| SHA1 | 9ba9595966e15bb0818034f87a64d87148e2046a |
| SHA256 | ef1645e29bb72208df6e62c8df70b17a8fa571a3e4149bc80f55ee02961e0024 |
| SHA512 | 2359eea44afa57cf32062145d293f0f3d15f801cb80a2ef5da1ce3c7a7fbfd16a3622c3097bf4a2c0ebdc8beb6b5e592b2e39f62d9ea999c68a92ef8be202d05 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5e2d46b201123947faccafbe9ba42a40 |
| SHA1 | 5fc06511b9a1954893521b4401be31f4d338c3db |
| SHA256 | c5346e5cb426ff654d3c9be4e38d8682bb91af8006ec96939213bd42aee2827f |
| SHA512 | afef656801345cc76d8aaa4f979b382bfdc5c7847b7c2fe47b86ce738d0ef0f8c686dac939a1b1b0fa2010956634c8612446bb45ea1ab558fd68cca26448ed53 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4abe455db24b573fbaa8704d6c713a8b |
| SHA1 | 66897fc3667da08e5697262eb5c584ea612b0d0c |
| SHA256 | b80aed957cf54acc80e04ff4b1d9f8ab850432f5ca17b5521529147f2b25b03e |
| SHA512 | 3f436c1e6ee9a157946ed0ff9324d08b60a970e6fae766ceccb4b85af63ca73f5235c7b207bacf2e51e38f4579e8c73656a5d4d6b310eb0fa54ad6529baf1a87 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7b494107c4e96014856e9a2606f5e700 |
| SHA1 | 6be03d87e470fd4c2559568812b401715bd073d4 |
| SHA256 | f3760b173430768a38912bd29d16ddb648675327c801a4d976f6117bfd3b997a |
| SHA512 | 0c0a4a4603860968965cd917a63ecac1b9099573966b94d444ed669b0213b2db460dd8c16541931e4485a830edd038972137d975b2bc268b3ef190465c218784 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 481da1e091c57f99b13f212e8134e7dc |
| SHA1 | f598a044af8b617cacd1d4959472646788903af9 |
| SHA256 | 8c32c816d469dd9c6b1058c35248bf0123bd7539731b7f255067ec4333a8b3ec |
| SHA512 | 64e2ca433795e939fee7bd55427b7ce0d6b139f2741f66213f941989bf528f57da96ad4c80b33f2005f0acd23590f606fba5eadd05dde08050ae11e40245aae5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f403ba2fe28b90811da92e870f05288c |
| SHA1 | 36fe68e77cba0b86d7260404730f8674d243817e |
| SHA256 | eea49a341612b2ad70be7dc5f12dd930459517c81937e957dd2e54b6badd6b09 |
| SHA512 | 9aee08c4723e5ae56b5ec92ef38ae970a263f57053ccd59fedc3f5d8d70adb2040a5f6d2bdf31c6bd5b130d69b291674ff093158d6d9b30f79e0b23501187eda |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 08:52
Reported
2024-06-03 08:55
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\913054e9a69aa5ff7a0e75a19150c9ed_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdc65f46f8,0x7ffdc65f4708,0x7ffdc65f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,5358273559759896506,16948398723394362108,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 246.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | | tcp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.251.17.2.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 12.173.189.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4158365912175436289496136e7912c2 |
| SHA1 | 813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59 |
| SHA256 | 354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1 |
| SHA512 | 74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b |
\??\pipe\LOCAL\crashpad_4600_IKWJLVAZRMFNHIIU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State