Analysis Overview
SHA256
61ca18dd75d7e5a3db62b598ed89cfff4673f0af77a9326e72d504dcb57800ea
Threat Level: No (potentially) malicious behavior was detected
For the file 91786440413c414f08b83e5f8fe467dc_JaffaCakes118, no (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 10:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 10:37
Reported
2024-06-03 10:39
Platform
win7-20240508-en
Max time kernel
129s
Max time network
146s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "400" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "18933" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8755" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10003" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "19298" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8673" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10003" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10003" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "19021" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10286" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "28810" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10286" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19298" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8673" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "7450" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8761" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "400" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19021" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9921" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8761" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10009" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10009" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "19015" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2432 wrote to memory of 2708 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91786440413c414f08b83e5f8fe467dc_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 2bd038d9e4f81129ba9ace4532158987 |
| SHA1 | b5c6085a08470a74cbcc1bce783a96c4087a2550 |
| SHA256 | 58737c99c3637ae2e4ea6dc8d979b4b64e30d333fa0ff4ff5f0b1ee39df19b44 |
| SHA512 | d08ac6ba6c834e88c0652eb7077fee2065b71d6face26b0a3eded59de282d2d60a6ae4e67a93bed99e4621f3f5737a8433b2e3d958e1558a1aa8c0e04bedd1d9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | d0f40f8049f6c5010f97cff3c5f5b6e2 |
| SHA1 | 701db898e35f257984accabac77ebd1a7328bc01 |
| SHA256 | a6e68770f9530895782af189520baddb75893638b74ae245dd1a0fb74463aaa2 |
| SHA512 | d7d58aec716a6569e779a8eefcc26136e930586b1359c4634d63921e42d2d6db20874ea501895b0de6c35c859379fb31004b2180df13a8b45203a6b50d26ec1d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 62d164cda417d12eae683135fc0d08b2 |
| SHA1 | ad1304ae11e28b60f195848b6f477b5adb3db4bd |
| SHA256 | 5e80e7256ce01e5a1d6626acc4a28ee81ce98c1a2d00c1e7994d3b1de40d498f |
| SHA512 | 401b80d55bc0813ff3634f2bcec2150f889b5a6877bf6ac3a695fa5b2f955ca25fb850be1be7e829be47aa785510381eb0ab0bfbd38f2150da5e5c125db310cd |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 0d895c205be163e975c3aac21b35a968 |
| SHA1 | 7eed2703c8af76f1302d3a5c52b1eabd950ae795 |
| SHA256 | c4acc39b996c3040d8f21929e9d0ea29c4b7e42f5d6fafb667fdaddea7a9794e |
| SHA512 | aba7b9c8ac314c8862efc6825223cf750bd59026f5b4a8c509a229369efeccafb1b7f3809a2058f711a7931141afd28167c17e8d6f3a02086ab147470458200d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | ca7747519ebaccaa55147d99ecbfc235 |
| SHA1 | ca8de8f1fe292723c6d35cb4b8c69904302eeafd |
| SHA256 | 2658140a2af5d7bcf4183f1fc34b42f9d5656e7c11aa8e7fb1b93b5f8fbf7255 |
| SHA512 | 44bf19677be9d8262e72584faa44d6dec198a62e9e1ccecfa9016f361483236458731553a5060993b15ddb57a5bd8209d13f71a8230722e037a159fa0b2ca496 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 7486a5e4cff31d0cd3cca52315ac4d73 |
| SHA1 | 58a75bccd04206621d225f023734f5f06a46a63b |
| SHA256 | 0c413fad0e270240d67f43942da497c2162c8f1870aef6af25a7b6fd70101c79 |
| SHA512 | 33605bc53943d49fa64b03a363a55eb0691241ce8a09ec7f6eabdf3b3fc93b8a7d992d925ab7acc211963389b58d583f7380e0b0a9ed05b506d128287ee37ab8 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 4e1d026b732248d55b3adcb4d4992064 |
| SHA1 | 67e9798c47d3cdfb5e2ed523888eec0a825afb12 |
| SHA256 | 8b5cdce0bfdab5d010c70fca1b6af37ddbad0ac158c737f13baf0577b50bb9fa |
| SHA512 | 35ce462dcc0643c61426e93929514ff60d5b89765f10635394c28329e2a68a821be151c494c3d6cb903b9c0d92ca45e8407d20b4a835e8c051f390cbe845313a |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 7f7cff00d7c7d66177c1f27143eca149 |
| SHA1 | e7d1d9de94cc2ea906e6ac15fd8d488eb4aa5f17 |
| SHA256 | c8295138c58b3b5b76dcad16838278748b4e27fd17eaa6715dd30272aa1c79e0 |
| SHA512 | ccce6f0144589c9906597cef7fae6b482651f200ff2a37859473c7b29966ad5a84810c6c2870bf8f78e1669533209c11ada10f7e03416284561e2328a223f135 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | d0b49f898884f81f583a688ed59669fe |
| SHA1 | 3baa31adcc6c44bed9ee18e8b0efd85e7af61e5a |
| SHA256 | b5bc05156f04961754701a33bcaad241290404dda24608ee3f0bc6ced71ccea8 |
| SHA512 | b625c83b8951f9f1ac16c8826cd4a672f5f147cc460864ba03620484a859dfbf9d3dcbf3a8476b90e282eb20b6f38f612350ab2f97c77e92b0aed65c631125e9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 05669720d806cc1c4df927c69ee91778 |
| SHA1 | aab744879fe6a91f28b44398d519a34fb228144f |
| SHA256 | 36ef9dd800d834fa92e167efef385f5e008c9f0b60d941aa69767a7739a585b9 |
| SHA512 | 48de46c157451fcabbf858730777a258d70a87d34a803f1bf5b226b1b29256b752dbfdee08eb45372472d6f4a8e3ef909bb28d66b2f67d6760144fded0f40221 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 63fe98bfc3849e92c5adc0ce5df64c29 |
| SHA1 | 688c5550e7c10006e429777d608af4801456097b |
| SHA256 | 7af273a09eaaf32f91f73ded2486a34a6a8c48f05639561fe7e036ece5bbe142 |
| SHA512 | 243b678f2cdec682d734922646802f2e301506a6ce91a9b198d803e32ae46b75b48ccd281ea0313fcbcc2fdedd6693157297f3b9f151e3602fed854952e30f16 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 34fff487737e11ee68c3b2f94507bb53 |
| SHA1 | cd152e6f650bc735ebbc7f134120b3c287cd7a51 |
| SHA256 | 4b562b151cb970a90d27ef8946842c0f9315f1a6340a4ea0683aa6a9253d868e |
| SHA512 | 4d56a50ab58df1a2ee87f503a5e06e429d59a464e37b1df44547985b481e095e88564f1aabca21bbc32cfca3717525ecb46c387b2ffe4cff3fa27f676021ea6c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1bf08c83bc26cb730debe3ee6f99a965 |
| SHA1 | 7ca732c1052ae6e318c999b421e68d4ddfb1e153 |
| SHA256 | c591a82bc261b7544a2e3f8a26200ae965f1066743d4a0997626302db63cff77 |
| SHA512 | 2fb747f7d35734d9691581db96c867ba9e26daa903db51cbb0fb86b73d697b575a3fd249c2cbe0815d5df2eaf46cb1c2a63fe4c6837532cacc35b5d971c149a5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6c6d0e83318e501c24090eaa649f6c58 |
| SHA1 | b8836ca8dc33d841a4ffd71bd6d2107604f24091 |
| SHA256 | 1bec8bf82f96ef7dbf3a4518a1a348461400a2179b9f8c656ff15de3d4f0ab81 |
| SHA512 | 759872dae92f0e7090e9f4cd01480d6bdfa85106b4c32e4b9f2fc1f3ec9d94752fd302caab9f82424676739f1fe1837a497a7c211859300b571fc83d613ae1c5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e8d72455539b034ac948ebca6eab539b |
| SHA1 | 3df0fe34e4779d45d54707a006654c3bbbb3d782 |
| SHA256 | 128889a44ac4781284e1c4f53f1266b4f991d0af2468a3941e3b351b243f4978 |
| SHA512 | 385f111ab6343b87c67ca527a22680cf4f57de825a6edaa23c1a0fc204953af4ed22de110a82487f69060942cc2b6c7a0eb3b9cad2f993f12be05445c77dda52 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d7ea685569d8a0e534a181b20d09a29f |
| SHA1 | 6bf919cfd10982a79bf73a01eeaa8c4865929db1 |
| SHA256 | 6aed1c4b6ecde733f19cdb2d287826b81e12a3f783ad905db54241bacc3bd100 |
| SHA512 | 56238d8196ea18b65236af043d0cf5877cc01f20276c7eb3b82e38da523c36f0b1c6b53b88c55a228bd4b5ea875e52b881800bb79c680f257d6b74775599d7c3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1f94d286ed93d21c5bb17109aa17e71f |
| SHA1 | f58ac1b0104ccade06f2f1db025305e69f325e46 |
| SHA256 | d771912266fc2e9f5d596b853ea62adafba411ada1f8ab1b66c982649c6a2b17 |
| SHA512 | 583d236b07f62fda56817c8e1e3815ab7d80b9c41944f259d3da11cd2b6608c444f31259a3059631502d6edc1c9730f9aa24094903a811d3549f4973a19296f7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0841c15de2b6d9536d47686462ab4419 |
| SHA1 | 7923161a3ceea2a9145c7279c3cf812c0c557d0d |
| SHA256 | 017ac9aaf28f6e41a15831fa5368b8e9a0267df5a1a531ef8590903eda617a81 |
| SHA512 | 3f94379f93f1e3c78eefac5d5d444223f9c693ebf8756e6eb9477ac0ac26db0edd899758b85366cf36083a5cf30c431e23d1ebf273d789d0cf1f947b1cd090d1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 3ed37243d9dd6c0210ae5457cdba1650 |
| SHA1 | dff67cc22b73cf3afdd2030a9bab0218ad0f6c20 |
| SHA256 | 23f5fbaa5f28e2dbd3950d03b0f91d1ac41b04fe7a7d6d2e8b78bf8a82183c64 |
| SHA512 | a74f1efcb6acb888e62fdd167d4a77fb04561c45039a6678a58873897bdf1161b7d199c1524edf969ff15b2e9d528958627241a294ad4f41e22dd6e7efaf1af2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 48a0e874394977ee85b16fecd05f2b02 |
| SHA1 | 97801e12f4766af5838556b065f1719a23f90c7d |
| SHA256 | c931963e96dae9e61939c1c2a11aead929c2ae82b468cee50073862027b56874 |
| SHA512 | 285fb29569b3991c1726d58364a470c2c7403b6cf0d82255092a8f852bd5c3376b1cc9fa7618d6412d1b1717671ea2aee87f573d30a51cd3e7c5f4c228e084d2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\66E4LQ1N\www.youtube[1].xml
| MD5 | 1551cd9d0fab73d9b79c1d7839fb8e96 |
| SHA1 | f06e071fe60a64770639b809a0b466cbf7bfb37d |
| SHA256 | adea992043c2dcbb61e35a44816722d7befcdb0b3d4335961d66dc25cececb5f |
| SHA512 | d5f9115c597ab786799726da556988f020286e8890554d859cf409a6b04ce9f2394723b07e4538b7034492ba4515eed878a16fb1090d0959bbea694cf6b51369 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5ead6c2b6a1b4065352ed760cf76e153 |
| SHA1 | c12bf89659347e561b899f80c7db2f233bb27b00 |
| SHA256 | e82d156d314468969956124356ef061b42d4910c780743ff60f447be974d2f41 |
| SHA512 | f403d0c0815b8f171a035053e40b7fb0f668b1ea7198a337d95187f967302cd38f140e1bcab12836be41a8fb6fe1aa705d7c7c40c4bc501bd38b8c41c41087ee |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f770e113ea811555aab02e99d9ce6aa5 |
| SHA1 | 97c553f05cd2a179e1d966ea8ef12557b733bbe7 |
| SHA256 | 36c52e4e9d70dd85c46bfd41fa698999a0572f7b4478a62dd1b4e3f73e8bd1ca |
| SHA512 | 69130a2e87768e0b79facce29efe8568adc288c3cce2080ea3a901369fcbe58b08204c594b89f745fffc790333fa6905910e3fb6b6f2c2b2ab1d3f6e1c93a9b4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 871ea6b2db60bc79356eba39e8d41ef7 |
| SHA1 | d0c87f3d8ee8e204ee4588e5a6b1ee893d3824d1 |
| SHA256 | e92b7e95f8805c97bf0f946a9729d9384b3415f263e9982dda1c3228555dab54 |
| SHA512 | a2b97e85b523f2afc97f1eddee4f7c3d1a2d0fe6d7bc48cde4a72e295e33a149a6e4fa21bbdb6b4ca1e2706bbf1a47651a4f4f791a80186f36e137ac267f51ad |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2fb5a2d60e40cf8e2cc1cf3dd38fc976 |
| SHA1 | 07314b5de1323432f105ab9b23936e6e15fdec30 |
| SHA256 | df2afe28bf830a0e469a617db8e038c742bc80956c23adfdf32aac894563dc3b |
| SHA512 | 4df638678eb2686dbb81020fa8dccdb769d20351f4b38b15e2493dd7ae75a22ee2b48a0f64996d58275f153afdc2d9cc800ef262805e34b7892cbac0d103972f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cdacfcdf7d8d8a9f98d80ca726c60dee |
| SHA1 | eb81b8c2a4499606003794697753069235650f98 |
| SHA256 | d66d745e3ad0eb3cfa09ee07fcefc25f8df6d1f4486fa613dbf1a47b1de1b457 |
| SHA512 | e01fa8513adae9692e505d42f25856c727050110790652896035108ca3b945e319d4b05db75e99b27065d886bede82cca206d8983bb95212fd683fe7e96b922d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5b6aa4e6c80e91e790031ab34874f723 |
| SHA1 | 17c39e57d79c8dd820f82c5bcb7a52c4d01fe20f |
| SHA256 | a28a5a48a5df450c40ff7e8eaeb9cf66c7f8e06de4b6a267859c5d13b8aa74b8 |
| SHA512 | 924efa0835b6c93aef8967c1712cc603a9801b2230e6c94906cd6f18778f5e78c4e449a90c82e68b7f27e32201f96895f3f0a576c4249b264a0a117a89f5fd1b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f219d7a18338da83d8a87d7bb783c200 |
| SHA1 | 9df5f8341876f507863d0b9253925672f0a22595 |
| SHA256 | a4b8db69cdc7abf78763da836250f25cb425db9753c8963d091ae64e9d1dfc02 |
| SHA512 | 2bc84f8c73f8d72b5390401773d08008242b4365ddcd72b3432881d8fd82d812f0bbf53115fe200e351965143f10b6f823c0fa9a76496530d3f5c5ccdca26833 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5de88cc50793e025515b6542aa0d77dc |
| SHA1 | 7325239f65f937016795c2ca585ffe3833e048fe |
| SHA256 | 44bc0972b1fdd4cd0285ff6b9e5fed1bd63bd15b106b3cb581cff831329f4536 |
| SHA512 | c64481bc60b031312750102513f318e9c01dac86ef2510956b775ed9d8ceee8b04b8188c27ab9c3a983f4fe45c040254ef0b503e5d6911526979d89a7f80e763 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 03fdc59b1584876a3aebe4ccb906da1a |
| SHA1 | d01193e0688b446617ac48ec4a33bd90e77228f7 |
| SHA256 | 0b3e12ccc6cf6f32ccf852cd3bba658ba54d1b357ea9250a4814a062a9b426d7 |
| SHA512 | 3e4b86dc0b466c4c291176af77e920d7afe5afac4933563d493a187eceab54e35c397ef935011f45fadb37d55a5f961e506c571c3bb43e0ce1aa690b7091f0a2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 40f6a0b20938a70c3015b3df0933acd8 |
| SHA1 | 0d7d1a520d70056f11f4120fc3eaf8c48eac2537 |
| SHA256 | 189e92fc2578f65ed9c5ccbcf26fb67074b442102e9143516b966ae4ef4bdc5e |
| SHA512 | ee79d969b95bdf97dd16b57a0995265da87c620486b47a7c2f4f9b5e0555b40c946dc0736c43cbfb3acd87bab2001ee89884e5d507f9c9e516ccbb6a870cfd8a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 46c875320044fb8e25745c17a6d00d27 |
| SHA1 | eb559ecb84a4fb1ccfcbac0212af383faf9c679c |
| SHA256 | ae550c64933cc1d434ee94819d7850c6b701519f5387804ef3976d661d7ac346 |
| SHA512 | c74d48845937837c600acdf2439bc8505436ef4ced59fb024d2db6fe9b5713a9b76096b77701d1bc61edbe059083074556369a6e87ec94ce61da127fbf6bc6e8 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 10:37
Reported
2024-06-03 10:39
Platform
win10v2004-20240426-en
Max time kernel
150s
Max time network
152s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91786440413c414f08b83e5f8fe467dc_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd521f46f8,0x7ffd521f4708,0x7ffd521f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5896 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5896 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,5712562589766538741,9620830457236759941,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=180 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4cf7292838252c36a9c4354ec80e2588 |
| SHA1 | 60f9d236b66d11ac453d931ad401de3818dc8283 |
| SHA256 | 51b53aab057470139e50483e6e7622d805d92680c2f761cbcb59c90019ec2a22 |
| SHA512 | 1ec200986c5838dc0af967cacaf440ecb61ce79a1634b18728e6c5999c844e48db773260db56db91403710e273386c8c6100303a3f5b1719b7d99965ae9514f8 |