Analysis Overview
SHA256
9e4e53943af71c7842415686e064fcfb0a9efc1f033b9aaaefc1eae9aed5e92d
Threat Level: No (potentially) malicious behavior was detected
The file 91b780ae88cac81a2e2e4f06fff62210_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 12:03
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 12:03
Reported
2024-06-03 12:06
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91b780ae88cac81a2e2e4f06fff62210_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xe0,0x108,0x7ff86ae746f8,0x7ff86ae74708,0x7ff86ae74718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2424 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,13997041563371942631,12467100722853726619,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3264 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 216.58.212.206:80 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| GB | 216.58.212.206:80 | www.youtube.com | tcp |
| GB | 216.58.212.206:80 | www.youtube.com | tcp |
| GB | 216.58.212.206:80 | www.youtube.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.143.182.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4158365912175436289496136e7912c2 |
| SHA1 | 813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59 |
| SHA256 | 354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1 |
| SHA512 | 74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b |
\??\pipe\LOCAL\crashpad_3076_AAPMYZVZHPUZJUDM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ce4c898f8fc7601e2fbc252fdadb5115 |
| SHA1 | 01bf06badc5da353e539c7c07527d30dccc55a91 |
| SHA256 | bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa |
| SHA512 | 80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4328f238efe0d168385202cc47696519 |
| SHA1 | cc7be842a60d25951fcad99448e2495cb0754fcb |
| SHA256 | 7248674933033cd015120058bc49ff30a9be06731c504e2434efc4886919a7d3 |
| SHA512 | 72955f5565a52435101bfb631abe9a1b6eb208ea9ceab78c6dbf9fb7e7c39be0735b3f35ef1efaad7ca5379d06a8b5bd189f9ef97567cef9eb94b56e48d56308 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | f871dd44ae8c9e11c5c85c961f8b2ab1 |
| SHA1 | 7618910822a0f2639b405e3c0b13faff0431140a |
| SHA256 | 2ae2564f74716a4e44850d845f0cca255c6c0c3a7dc0c8ee6bfca0212cc394ec |
| SHA512 | 3b9638f705f83e37c3e0c9db1205b2ac76b96ba72ac56013a6aca6f34a7a9ff3548e8fc67d2b85c9f23f8337f696baa8fab01523fb04b5fd618b130501eed47c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ad65176fd025b063bddd500e986adb63 |
| SHA1 | 61a99a43cdeef645e8efe367754939d6e189b16d |
| SHA256 | 1281d829019be3264e2d461e3c7cc5382c8d2d78a128132c61eb3df9b634c79a |
| SHA512 | 9ddeb1fafc7bd556e7aa7bc9ca6b0b55f56c6f75e5ff5e6f98f33e7fc8f2646d1e59e09a3e1361db27f817d48ea06dab956bd062075fa518d26621881bba868c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d1a6262839941fda9499d99246616a16 |
| SHA1 | bc07fdc6de58ae4f149895de6f9a5c21980a6fd8 |
| SHA256 | 6b257d6b1d8af28d63e280e077c39a57e13ce41e2456b9f9c308a1133737cacc |
| SHA512 | 37b44e03f1d3280608a669f3c5582e301f7812ab648ec8bbfa80bfc15a2d5a33defcfcfacc21ec042147294472167a6954b2736bf158d3078363deaf4f135e2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c5a772317e99df1220c81b3c515a9633 |
| SHA1 | b8ab821db6f4f80da59381c0c25cb0b2ffafcbdd |
| SHA256 | e395a7f189944fcb31a2db256d29dc81a665f7cd02d2e2d77a07a70670d56f76 |
| SHA512 | 6fc4f768e664105f9e08708946299c43638e5df8b9a96ff8e886add3c434aaa16e84f4b9bfcaed50e8370bf16fcc2205f5c821cae7b41a7ef28e44f00442d368 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | dc52879e2ee6fcab61b624184c5a9b27 |
| SHA1 | f7ca2d8616cd04fe0d804781d8710fc6526a59c6 |
| SHA256 | b5969de508f4f13874deef0c204e92cf907c97da85b131e8427aa454ebc156ce |
| SHA512 | c4f7a355060f43e469439a385b7cd11d7308b5dca46920d81409a6de474e9efa8f1283c447167c12fd06622f563ebbc5f6b750a45ca1ee6ae571de479dad2af0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 27fe66a1e6e6184af1c11340d5958471 |
| SHA1 | c4b2e0f45dc6f934d593f7c43699ffa6823fa318 |
| SHA256 | 91a1dbf1a5322d2bdf822554757da2c742b30b8204c6d55480370212bc5f8cce |
| SHA512 | c05f0dbf365bcf02e62a77a03b54c29ee9fe6163d9ea139a69b4f74bd09d26ca65929994c00f9ff12f4aed0f4541f66b9d4b965918b204ec8961f13d797dbc0d |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 12:03
Reported
2024-06-03 12:06
Platform
win7-20240221-en
Max time kernel
120s
Max time network
142s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10909" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3116" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a04a164baeb5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10788" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10903" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10788" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "11021" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423578087" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10909" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "11113" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "11021" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10909" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{4DF0D9C1-21A1-11EF-B2DC-EA263619F6CB} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "11174" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "11174" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "11174" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "11113" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3887" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "3887" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000034f5abd78bfa4e4c83c949835afadb2200000000020000000000106600000001000020000000663a178cc6e312c9be497dfa022ce5b47ecd05599cbcda2a33c8a6e2a9a397ea000000000e8000000002000020000000a9b8654401fb41260a18f4a00033a71e3bf5bc3fddc995947625eeeba31231022000000063523da25303cb0ab75907eb8395de58680dd2c4f834a6bc59c92cd89dd21466400000004b516cae73ac9dfa6ebfe00309d70dc420529e33b6c683e7ad72afcefff5433c70c6744c061eb7e149d65e69e18234ce1e83da55374b3a139b4b76ce96c8b7d8 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2904 wrote to memory of 2944 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2904 wrote to memory of 2944 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2904 wrote to memory of 2944 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2904 wrote to memory of 2944 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b780ae88cac81a2e2e4f06fff62210_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2904 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 142.250.180.14:80 | www.youtube.com | tcp |
| GB | 142.250.180.14:80 | www.youtube.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.14:80 | www.youtube.com | tcp |
| GB | 142.250.180.14:80 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar5114.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | ea0ec865bdff222478e8785655729dd9 |
| SHA1 | 0388b57deadb340461a7cd127fbe09cd42bbf785 |
| SHA256 | c6dee10d6b30290adc2bc50635e7bc67c88b0fc4109d6fb0ebf637d16f28b1b0 |
| SHA512 | f2947a9276282958131affe7a9bc6252bc1e6c5e93d3ced6be0b7dc36049d59bea279c6439c7371227f93d7c6bf5bf4675b2d3a532f999a1872d3728d759346c |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M0HR0P6\www-player[1].css
| MD5 | 6e076abc1095221e4e3e21dbd9d1db4f |
| SHA1 | e908cc0f7829aea16b42d8fec6aad567c41f587d |
| SHA256 | c7e69ec7e436426c5edb45bb5fdd943623f987ecfdb86413528b596e5b0888e9 |
| SHA512 | 3ceb46ea8e5d5abca4a1a053f20b38ac6d6c9ee60594da54122f4ff09422495261dc9356d0ed0c240ba44324c37bde120a90655b2ea40556280df674ab44fe2a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M0HR0P6\www-embed-player[1].js
| MD5 | d2056f8d081fbfffcab81d61ea45b151 |
| SHA1 | 710243082f40626f64943ad3b656400f444d7130 |
| SHA256 | 49fa9b168cc8bbc037cf4498e31c355509e9b438b0d19fcf750b1c5fbd1efcaa |
| SHA512 | 530ca2c291c44d3d2b5869b0ae661ac047748a5cab50de280a2c8dbd26b52cdd71a906b3730e8a849debece542eb919462a8407ef2410acf28c57d2b6068cc14 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M0HR0P6\base[1].js
| MD5 | 9178a954abcce420219864651c7787b2 |
| SHA1 | f874d3e998441ba6439cfd7e89514facde08cff4 |
| SHA256 | 40cc1692dd4d8e1c8ed29593ee222240494b872b734c0e31da4628014da7346d |
| SHA512 | 927bf88499cdd64ce32f3780a0cfa88b14fdfbeac6a237454dcc43ee5d56b04754a40dbcba402519637ba1a3b0f948a597260a74ddb0b316698a41559d8e1cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\KFOmCnqEu92Fr1Mu4mxM[1].woff
| MD5 | bafb105baeb22d965c70fe52ba6b49d9 |
| SHA1 | 934014cc9bbe5883542be756b3146c05844b254f |
| SHA256 | 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed |
| SHA512 | 85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
| MD5 | de8b7431b74642e830af4d4f4b513ec9 |
| SHA1 | f549f1fe8a0b86ef3fbdcb8d508440aff84c385c |
| SHA256 | 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a |
| SHA512 | 57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | 9379c7ab2e76e497b70dc7441c3aadf2 |
| SHA1 | a93dcf56167152e9e4b105c5c29494b1d2b79e72 |
| SHA256 | 64388214d1116926e071032a25a13399ece87d32202b2a46e20ee55df5478cd0 |
| SHA512 | 3c65593394d987c3d93695db9a1ee0b768c7e9c06d01830f5853dbae3b6a32fe237ae3c8cb9b633b11f83b4ed3fb745325755a66668fcb56d91a77b34369938a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\ad_status[1].js
| MD5 | 1fa71744db23d0f8df9cce6719defcb7 |
| SHA1 | e4be9b7136697942a036f97cf26ebaf703ad2067 |
| SHA256 | eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 |
| SHA512 | 17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | 34c39f358eb841348780ff0794ec8e7d |
| SHA1 | d5fc375faeeb95e91cc15fd948a7d480548172b5 |
| SHA256 | f8d6283edc1283c1bfcf1e026b0538f39447d0412f74062767f3847f38fcb9d8 |
| SHA512 | 83bb71ea0bf8468d8299143fac58cebf61ee1bb6c0beb0ed8b4276abb8c8ed3e91e58e7648de91f2951f8440d685e65ecfcc7d5d7b304d04d62d30bf7c9cffdb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\embed[1].js
| MD5 | 322e970509e24ab233b6c326a9339623 |
| SHA1 | 10e2ea809ae638d5f32385d05c569922ab19bc17 |
| SHA256 | 99cbd012a57f19a3fc1b412866ba13d6b9de2a5bb22449dcbf14ec0a88937000 |
| SHA512 | 8f8bdc9418feed04e6fc7415e9e57f0934a6b136b1a763e0e39f67efa47e004a8c3385105a1c1dd9fa48ada83ac5a2a93940f20a99d6d16722ae903c93d9817c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2ae6c662aa6f9a39a8f036ff784378b9 |
| SHA1 | 3ae41578b8dcecf6087ceeb625cb18cd1bcae62d |
| SHA256 | bd266c8a548fa187dd6b1a4e2460772595f34fa2456dea658cca991d03db838c |
| SHA512 | f2c62a61bdc8fc324f05bca6865efb43d6cfea1a2cf86d1a352dee39b2a87198a811b7586c14cb5baaf767ff85abdddaa63bc9ec22b4017b9e251164df61628f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0beefa45ee2ac43a01e89a9eb0645aa0 |
| SHA1 | 80bcd7524bee51f33b593be7fec103dcb04c549b |
| SHA256 | 22bd70949f74cb9eaf4804a59eb602ae49ddee8e9daee5bbc3e048ce00b7ce73 |
| SHA512 | be0b2128e1f12b0bb49d893ad36dfda5e9b801b23696d0f46d6ef644d615638f3e36053b954503472cb045a6737d92c9ae53861922e392b4efcd16ee9e61bf98 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | 7b6fa736e757fdccf706344a9032469d |
| SHA1 | 3630e305d7528dbc08b72befa4da1a8df9296f84 |
| SHA256 | c222aee73945cc5305228470f45b2fd1229a530716028a66d8bf927d433aba66 |
| SHA512 | 412866d104bf9790d191a6bc2a7365ad160a74b960839ee7ce3b099029f434524ff6f72634c5b13384f04691f8ae76651eb39e17ca94ba702864dd86b28fa259 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | b776eacd590925fd087f177327c5d112 |
| SHA1 | da7217b9d8852fcebf6ec0bd096dd00cdc985887 |
| SHA256 | c993d4aa00efbb7cf26bdd758b027dc3edca37cdb721e1a2c085baa2d67caa2b |
| SHA512 | a67df592aae1ca466f10ee7c6ca1da5ea85afd7c9662bbf73cb656b8acc154034e994d10f5d6e64187fcc151d1317989f92d4410c4d0e2eaa0f2f2885ef7b2ac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dec869b4d453336a3fb3fcdc4fb396ec |
| SHA1 | 9c73b8971f799bd5260959f36e80c790308d462f |
| SHA256 | a2e850c4892e097ef3e2d063a7d73e3c336272c35c94c7cafc1549a442a58a61 |
| SHA512 | b2f9a0fe00984abe1fe5f9d4501306e32d90695645e2a6cfa4f649888c6141087cba40f7032f059fecc0ab51a24f64d641f11665e1dd17d63158e2649efa4d9e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d78664c73324e48441b53c326c2795ce |
| SHA1 | e9595b5ed82362d4a3652e5ced446a9aa72f028f |
| SHA256 | 62b2d5c4f23df6c8772a1bb89d2f4599a2069fc93156b9b913e7604fae416c87 |
| SHA512 | 5e6c34f6acfc6601c1c2e783d9f971432c5f35d32c2c575ced252d4bc1c1fd667b456b35d3d254ea2eb353b75ec05095307c85564033ef1064bd98cca1944524 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 939d8011753fc59c1b3639353bde9426 |
| SHA1 | 48c699b8ee3722ca2da6a196c3aaa55fc3fde0ae |
| SHA256 | 24bb0fa5433a785ed7851df2c94dbb5b34af6a9ed75fafc0ffcb88e436883569 |
| SHA512 | 41269fbc9cd1c74bac2e6daad8370ce8fc87fe9471bd8a2f5eef8c586a7f57efae4b76e37f0b10a88ade6d631ce27b37fe807c6d93ce425e4970751b8a165f01 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 30f07f5a636399b86c44fea5673470e4 |
| SHA1 | fb50dac97a90cca168ead506e69dc2da9dfddbc6 |
| SHA256 | 9bfb4647a9e597290523c0d19c6bad84b0e01498f6106b56564c07268b5b8024 |
| SHA512 | 11fd7f1b2263c3031d0b1f990f128c4ba62969c3edc732ee6e06032014d81409955ab210728c5f2ea6a209a47103891376b172d14012f90b942709c8a8030188 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | e5dc31adc7faab331d081dcbbdc063ab |
| SHA1 | c1ad76987ffb7505977d7d7567967012f67e1a49 |
| SHA256 | c3beb3d50577b3d9a8e05a7fb5610cbae5f5fc361dea75fe6d3507192c8927de |
| SHA512 | e4a89f1ebaf53efd8067f16e0dcc4806dc4ee8b407c82f67c7ad9c8232838805f21f0302b68121fa645514271b2ac23296c7a1a7bc4efaa6dc6cb46aa02328bc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e33b4da84aca1fb5d28bbd4a20fa64cf |
| SHA1 | a7dd689d405cc19eabccd39471857b3a2ad6f709 |
| SHA256 | 452f9ca3e15a6089f3d629ff3fc8fb3f62d6bc163b0ed15faddaf866a16d0a60 |
| SHA512 | 3b14b22af079d5c4c6df000c3f8c12fb4668965ef1f78ccb8b185904287dfae2713e70655cd68dc3c67c27cb20d35612fb7e66d834e2536f2b99dda638f9bd5a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cba37c43af22b280422661ab925403a4 |
| SHA1 | a29b46c0e65f05c32ef12d31615b4676321f5805 |
| SHA256 | 9d6720ea084cced5366121281203e80c17766769d6bcb966574bb87ea3f55fdb |
| SHA512 | adca99b43a4571821c270521783bd676c0746aa335e041461b07716a4b4a41e908aed7140457bcfb9c67deffbf8d64c346b91161abbf3eacc398ca5ff1aa48aa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1de0040d49098415e9194d3f58c71b90 |
| SHA1 | 7b07307f28cef67e984ba05cec1b1afddc690c02 |
| SHA256 | aafded706c450be42fe4fb9cc2f93557497b2edd64a1b834a4ab1550b094d7b4 |
| SHA512 | b0a3e234965f0731821ec221ee2a3a48d71d06a0230e71172ef9b34bd5adb86de44e29671fc7cf68002aef05a9f6d818c3b33bd44c7afcc8781ef099c73eb041 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0a47a86f72de4c20e1d971d8d49114f0 |
| SHA1 | ddc8a18c36015f24c61f550f4c3fac2e019dd26d |
| SHA256 | 360a7b11e91ee4d83c139758e63eddf1790a880fc957a742e4be12d243bb7f24 |
| SHA512 | 345836223bcf69ab3301f5feb1a0652e7f0b55160f584f6fab9bc452395a517aa315113a0f41c07169d6756b797708e43c0e8c740d555ea7755848faa6d34f1d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | 7a5b5923437105525e30bd2e0d27b681 |
| SHA1 | 1782ed20adcbcdb9f82befe1a45c343d1d96db3d |
| SHA256 | ba05b19980072b8d0936a77207b22a51d032c4b26c5f50362a92ed4340599af9 |
| SHA512 | f5865b71977edfe71c6b27769c155cb6372474cde45c1278f3523ef0d4861ecd6d22d986d854271c23d54e5731f5ba267c180f2db7df619263826b581decd054 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | ba38206293c8dca3c05646aedc3c4799 |
| SHA1 | f2092e5b2412b38eb1032a83c3e91c18e35e01ff |
| SHA256 | 73f6171b98a0bd4d70d4fcd94d59cc247e6074ac558925ce8d1ff83468574f26 |
| SHA512 | 1e50d486110b3f6725ffffb5d1dd16ebcaa499c2cb1dc3de9d71b96b036accd5dcbb508b8e5017e7b62f06bab10ae22f39f10cfe4d7cdca0762d2f323aef02dc |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | f26eef353fc0431a8f16d8b5246cba52 |
| SHA1 | b1bfe648bed3e87ec5ee23dca903e79684514b63 |
| SHA256 | 00da6c40dab45b1cab23f8f2233c2e8dd5a84476a85cc33769b0ecc1f5890792 |
| SHA512 | df4f8871740e697f0b208639fb914b1cccd25f13cf86f3fddf34af7243bb6cf3a3446a73bc55c73c6a738f4459b1bf186541ce1a19d34fb341252cee816b1d96 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | 02b4c1ea5f1cacfb73f0a8d56b27e2d4 |
| SHA1 | 7a059a470004fe0e59425db46ff1395a4d24c303 |
| SHA256 | 8acbe118d8eacb569cf3024baeab472ee45587888922defd02fcf24c8449a073 |
| SHA512 | a9abf3ae39b7ef9cff60406a3b67f560daeae74bca0a5a6841c394b93d2335e560c91055f2a6a1463686607fd5ecf4662a3b57d575108e82a07f6060e7d79da5 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | a5898bba0ed0a97337bb64bc8137d406 |
| SHA1 | 8c70ace63f4db9c3192ed94fef47e218a986a27f |
| SHA256 | 73977edb62a4d6189c21111ed6b725cd8f47e7aca07a555007c90c66f9f18d75 |
| SHA512 | 892b0fa47cdb0e2414b257ca4db9508ec3036b48b41411f6df9fbb39f757bf54247ce7aa4129b4fa5332686fe6ca537027a5261a4bf2eccc99b7fcc0ea5a0726 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | a45aae838663752b1fcdc0ad0430e210 |
| SHA1 | bc7a7f2e596125c7b50527ab01bcbc7c468a3e39 |
| SHA256 | bf5cd5f03d0e5a66e6ecdcbc90a36be469fee2279912f55953f607d7ea40410d |
| SHA512 | 2ed79cafd89fe62fa7d94e87d66a9acd31f87425c98b851ae990e39d60febc685dec12d093c78f8d4a69e155df292b620f8ff5269ef9da76e07264af42ee9058 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | f1ac03f6bf742f8e63fcf1d9ffa73a5d |
| SHA1 | 6b652bbb56f2abddfe3be23a2437addcc78977aa |
| SHA256 | fe6c65482c526a123c806411932d4b9b06b59bd4e59016f61d7a66952f0da42f |
| SHA512 | beaa73fa7687168e39c3903a877f1f9ce85e3aa890638da09aa8083eff767fd77a59e749fa92a5e7e2c2fe410c2522333c95ec32d38d3ddcfe6ac25f61a1034d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | afc9f0a19ddf06812b0bbee12c0bcf56 |
| SHA1 | b99457b5aeec4d6a93872f4415ae3df0afe5640e |
| SHA256 | b5e248fb6b6b8886016255149eeec9e41d7eb1b0844239a5a571e4f4f3077b30 |
| SHA512 | 2b1d6feaea8e9b52035bd7c67b43d8b16e6f452a69e08a6bc923210358c9d4f0f719c04d9b2c71d661ccc2431bcc5a6c2df9acea545d5f6709674f27b22ef650 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2f63a57d20dd2fa898a280866caa6355 |
| SHA1 | b76f7c49dbb08619d60b6b3578ed97f48c2d3a1c |
| SHA256 | 31b620e594063a236b09cc9ee6e8c6bde32e86a74ec105da2f8046c5849d7f9b |
| SHA512 | a8fa12c5ce32e90ee5c14473382a2ea66ed085934cb2496e446e3693e96ea573ab70d4aa2e475ba01b7d0509479a24b432fbaad30efe573f042e8e531e2b1947 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 32019f564f1c74654d60b32919ba72b0 |
| SHA1 | 356e485c336f1f76e687ccf518107bb49225b7ba |
| SHA256 | 781e1d24157973913979497d71e4c741513d9e6aaa94923f850fc7de0889cc86 |
| SHA512 | 4d54bdd23a8c818f144966616f2fa912965f550165362d403fdd86ad936d0ae766e99e32d9f6e9414ed2e10a9f1b57dad3da338c1c43a95b6e0734119141ff2c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | de553ffdb43153ca25dc41db7e92b104 |
| SHA1 | 0487c5814530f2448c194e2f336cbc5380b709ad |
| SHA256 | 39491de91e51c25b7f7def7b391dccc658803877234ea51fe6c900bc82232661 |
| SHA512 | 26bebddc89964179747652122fdb5166d87dd14d51ef0f0eb5cc98168a9485976431b175a4fb8006b6248e3b5c62145e6db966306af66b07462b75d625eb4118 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1d98d1de206e5b1be52e86ad6082b23f |
| SHA1 | 07718fc52b066d873407a6c14dcbd687958dfeb4 |
| SHA256 | 69dc34301f4e545979f9d8231e50395f6f0a99f339fc111aa8f0e7e83ae0362b |
| SHA512 | ba908fb24f6d86bb02bd8d8a0e088a77f02cd089bdaa13f930e5765e1afcde1642131d90cdce380bcf349c89c02b0663c642e2ae1995b0cd374dfb18e30cd517 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | db4dc67a99e88e8e68464e00f806a77c |
| SHA1 | a7f2d71c9b9b820886b479b62042b30b50b35cb8 |
| SHA256 | 16c38f2002dd28b6992c14efb202742bad0aaa1b1826b93e7c82343cc14dcf8b |
| SHA512 | da8dce53fdc4529fb51200ec0b14e2dcdd532373894cb5acf64501572ad5866f5c16be2105f3d8509222d9c7635a82aed5535cb1942da9985477e650e618be28 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b731496c554897e3b6f48d42cfb029e6 |
| SHA1 | c11b42277c153d14f201e1046ac543e6e7f7b384 |
| SHA256 | 65e2000efe68d03f000b80c4d66a3140f0ee818f7665b21664ca0b76de650a7f |
| SHA512 | 41304f0631d9c24932b0f09601447492e2fc2ca29bf35cc21f7b9fe2001fcd69250f8193a3c349863225efaf46f7ea4ea5f79b275979a26ecd179ec71048fdac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 41d6c77ec564e1f981a8986e8754e380 |
| SHA1 | f07637619824e9548939dc8955b6e7694fd018d2 |
| SHA256 | 8fcefbbda79bb6aa0b013c8b6efb6be688680bacfd3e15d591e6eb666104d21a |
| SHA512 | fefdb1da68a2bc2e33c278efbb612f69065330b8784c4b79b6684414538a3b61ff662bb86f34c89047bb574c2bfa6faf8f4828eb81ae2ecccf15599afeb9a09d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c0022dd1c50a3ecffd9d32ba43a80f38 |
| SHA1 | 4406f172b2d2df8dbd00b175de9309ffd47307a7 |
| SHA256 | 2fd58632d74913556bf6291a169efdd85a6b00e329c933899e2fabdf487f9133 |
| SHA512 | 00f92461be97bd4e7aa7d4709293351590e8d311cb4ac51c548557d704fa924c1dd4f6c7ae9399dcfacc539eda972751d68745e20a606bd54af8a8b8ed7dd4fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fd4859fb12f5cf8befaf0b9e2771033a |
| SHA1 | 022dd3a7d7f0a24b47310e76a416e5fe9b201a9c |
| SHA256 | d662fce68baeef6ebaa6d21b58f4efbc5d3fbe83d509d139ed20b381c0d68da8 |
| SHA512 | 058904d24769d8e5c3f47e82f48b70de20a2fc8170bd5b9856e0aac412b5532ed8630c9d539c6c7ea4444b605f0726a9c00fb97168b34a4f7a02cd5c49846d7b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A0S83SGM\www.youtube[1].xml
| MD5 | 00d78027a44273cb085617e69484ac83 |
| SHA1 | 95b9cf38c559def4a54a857464dd643111108a44 |
| SHA256 | f07830565257788d134905fe75494c073c155fabaf7efea6cbab33b92a33e927 |
| SHA512 | fc381c2248633b5cea57106bad866dcafec7e59fd47ca95ed7c19563222ae690032897335be1cf0710a1562341ca0953a9ecbc0bad250b04315e9ef489d88a73 |