Malware Analysis Report

2025-01-17 21:12

Sample ID 240603-n9ekyafa94
Target 91b8ca89b24fb9cf6024b83032c21265_JaffaCakes118
SHA256 06eb0c3fcd30951b1e1991ecb0a7175425aa51a02e82b6e94d660949ded97bf3
Score 1/10

Analysis Overview


Threat Level: No (potentially) malicious behavior was detected

The file 91b8ca89b24fb9cf6024b83032c21265_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 12:05

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 12:05

Reported

2024-06-03 12:08

Platform

win7-20240220-en

Max time kernel

146s

Max time network

147s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b8ca89b24fb9cf6024b83032c21265_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b8ca89b24fb9cf6024b83032c21265_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2364 CREDAT:275457 /prefetch:2

Network


Files


C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\2535QF4B\www.youtube[1].xml

MD5 033fed4a4f1f27468da2933f43e880d4
SHA1 175e1ffa6cad526d838aff176f56362c01f1c9c0
SHA256 bf89299c4c0c3106fd04a3121b9c720dc33b2521dd7e7803630d8291b9d59792
SHA512 d54c45bbddd4d6f31c435d505b9b551082550407566fbc5d8521bc48bed25898802f6ad21dc7216eab8c7cc4bf098198e6371eb62a8448176e902e6009507e20

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3a4b4aba60e34aa209325b8b01af4f5a
SHA1 6c54c8ecda10df64da7dd6f609d721a4e3755a3a
SHA256 d63d9fc677429431637a6143389322bc2235de47afbc97d8832787f05315d8f4
SHA512 9fdeefabcf1825934f5a5dda8cb3d735ba5d8db13fe3e65087acb72d165cdde5eca252790cf05474e967fdfb5b74597c6e4956029c047ea0972967d777c78024

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\2535QF4B\www.youtube[1].xml

MD5 74bf9a371456b983bbe1a0fdf2cd8584
SHA1 4b7617b6cbe712c400442b7a69e8970d21d41885
SHA256 42d74ed2ed4098b3d1ff63a912def90c675771f4bf65ab66e3d25673d39cc32a
SHA512 37d5e5c98c4d5745122a31fdc929acfabba7621a9c39124d5ea6c0ade133567cbf602dc969f2d0168f43c62f95889fc41955abb68ff000bb173e77f31a1779c5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 56e84e644e2a9ab4c82cb4cfaf212cf6
SHA1 c9376493b0ec26d78ccb2b22c49c1e015efec088
SHA256 1f7bab7c07baf01d397603bd946e400c680eefa515caa9794d73c0ff05726949
SHA512 3049074a6833827fb4c411eade65e4498972f65b4a3f632f2569035252e03dcf7bc699d4afe52785b228e9aa4c38af118618fab202e778b66066028da738a3f0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e19ae4e699ee059ccb7ae3629e0816cb
SHA1 600ccdac4f0d80e756ee5e5339468c4c39ef4713
SHA256 7aa16989f052fc48d17afcd6c52a64dda784f1de48b12c7c5fa1720f45dbf2ef
SHA512 2048b3c652ed8cb8f97759c6a463006382a7284a117c7686c94e12512c5c48e468f5c0d13b34efd0dc7748d279ba026a120e09f07465c7063ec5a48f4bbbc5da

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f8b78d9209440758cf902e782a0dcaca
SHA1 aebfa35982f23c3950ee2a3c590c7ae81e7e5e18
SHA256 a989e7617ef4c63d0f0cd2bc7b469baa53ae1fcfad8b3180c9dee4b98e279d1c
SHA512 94c61b2414e5f34b2bf35072c6b635a6556a7c20efa0a0df0991019ffd7784e0b4e764341fc33c4e488a230c6dde652b41b61a3f61396a0941bf98c39bfc162b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 168f28f9303b14954107ae1cf65df40f
SHA1 ee2d580c312ec98410a5a5823ac6b2ab1579fb88
SHA256 4f2a8b939cb9552d6457cc0fd2d46f317d6713b91f402c9fdfad106b550df8b4
SHA512 f5fe75bce254810144d60fa1632f9d2f723b58084ea1ded53fb2a02f3183a306792f81a628b414e8609461a5859e5283576906403ffb2f244035e16c41d953ed

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 37b14c84ba6aa5ebc8814a8896598fd3
SHA1 c4a2504f4fb2f598ade6bcc3137f3def91c9247a
SHA256 22e3629fc5cbc39f1168f36ce5243e701891cd1c1c6ffca16fede40509ddcf8a
SHA512 343aedcc3e687aa578058d30c01990ebd2886f9a6485b24f31daab6b9fa9985717ceecf672b393a45dd043efc454f245004060aa51a0196d7373ad338e8ad5a9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9081e3092e90779dfb1cb37adc73c33b
SHA1 fb76773c4be070a0ad231fffb790e3c6e4714b8e
SHA256 4d41802feda298674b89af3da1e53bb2649773bb59e0a695c3e0821a58708b8d
SHA512 63abdf0d65be141329f30a8bcc6c451a85fc5d593b721cf7b0a197c2c85db9cc5ab171d408f1cced406e6ed5e8774aedcebd07d3743ef29561ede9e1a99177ef

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 189cf9851d91dc57cb2f8dfaf526bae8
SHA1 4044977e1fb92e481406546cddedbd25b966d1ec
SHA256 a641f7c1df69846fe27bf7c742b81ea37ffb47b4cc1776eb7a3687626ae98dd2
SHA512 d6f9ee6eb42521dff14e41f27b818011adc3e5e73ca3fd79737bbc1fab0ddbe70c52a634e1b5abe9bee034b8ac9ea353fe37c6740644073c86d5dd2ecf178121

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 673d74e0f7666c7f9b4c5477f9b84b0a
SHA1 70779b3b41c7d806cedaf1a8f798f020d246ddb8
SHA256 6eea0067ce07eed59010e9432b113cb697cfc450e331491c4be6f13f17d7d41f
SHA512 7d9ff42fdd7b9e3a7d24bc1564d056ef8c1e51c51213bf143d1549f7bc50a44216d61adb7b960120da2321345656c861880526e3d40ab4c2b8661a5d7471544d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e9a487d223909f9d33c903f78b8fdf74
SHA1 6d0126ea7533d9a85bae78063c33c33506a8b31d
SHA256 32863e4e8b3d67c9aaa0a1e4ebe02c43f32b95b127f494cf751117e420ad867d
SHA512 375ff8f64a9aae2738b9c0c59fbe72549341953ef74cd5e63ee59c13eb30aa13a443457d9668966a610571dbe3669afe1461ba3b4f204e72f2ce84002cd3a49d

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\2535QF4B\www.youtube[1].xml

MD5 ccda3aed807dba1f321b456a6b5e8ee4
SHA1 b19ee3a006c0551bee21792240505d589302b372
SHA256 e81ee29baa1973af709fd552455e52bc903163204c72c2aa2b79704f4db1fcb9
SHA512 f1ec73da6913b52c4c8d03d2828ace84daad05bea15f902bd4d924b4b3c816dca5667dc89a4ca2feb9ebfa99c8a057c92ab8e50a7a4debe3d230c3fd420ba600

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a82e57c46f6e0bc92d02f0140ea5d65b
SHA1 6f97fb4c88e28b895fcad0f2a5436dda01ead1bd
SHA256 267988d287f2e7d4e9f81d8cc9920856687a3b9fd91bd573b22f058bf122981a
SHA512 b76c910a59ec67a07697157169d9f5ae19eae60fb28d256fc4810e09e562f487e89f9994f03abcdfc474f84d092c639a978ecfbc82ae6154dc4370ce43753880

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f14ba6bcfbab0aeadca08fe55b6fb289
SHA1 e77999c13a57b20c8ef3f7aa38692abae861b6b0
SHA256 82fc745464279cd2d2fe495c35a01e6c74858fb4b351b8147e8a6fa61f0de296
SHA512 a6c195f5aa39649cecf8ba7b69e28db7bcef4d7418de8ffe73c300974e68c64e3b04dacb308fc25b4e3f666c71f3b2275176fc6da5adf14dfa39bcdc4ce61cc0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 82a3f7b0d7c2b85a8530392764c5a86d
SHA1 aa9bde878a415d3299061c0b238177af55b9c4ea
SHA256 27d03d2474dfb446f57e4c4b7a907ec7c49050d2fb48dff27492229125739742
SHA512 b68f9d95a8341fe415ca73e1a978b69f1f10ccd77f45485acad1cfc31f15df25b25cf2a1eb9ab7cdb273981d374dd384dda60b3c0b1fb962e1678311f2c61402

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9fb7de5023d97daacb32ae09feca5eb3
SHA1 021208918ea1430f1c0d600f1e9d6a36048cd039
SHA256 0708e247aa8723e69dba110c49765b3aee1db5fd765679ebd481035fd2f36442
SHA512 8e27db7029c2ab85f13147c3195d4d6bb5227e84b46c32ecc48111435e077423785cf00be6cd95d552263b844c30325b25fc83145677719a906812811a76d4c0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 34d2755be313dacf641dc78a06f5329d
SHA1 95582683080435c0ad3cf1f879e4250761f2a9e5
SHA256 4ccfec16c93204d83d5f2e5088242c56d0f8d1ff192a8c591c51a3efd5d08cac
SHA512 0f24d42e6eef941013b149808bff5a3dec9c084b162d6a2d301c62256aad1062fea32a1861ac4bc7b771fa54a55f4fb9d08fac2ee74560e891f7a73d4be8cc01

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 aaf3ff5708c6e34c1bc2f6ddcca35301
SHA1 c5eecf5f03fe83a9408e9fb01d78fa86fa354562
SHA256 b133033b7989b1455b6ed1a4841889655306a8b6aad2f8f1ed935a7a5d59e7be
SHA512 ffcdb68ffeb1f245520729762211fad01129a1ac3f03a8281a0c087b410be779d896068955017bd1bcf8e5b2f37e806f4cd53ed804df2a0e91808c4b51019824

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 365c10d751de8e90eb691dc429213217
SHA1 e1caa3db9e86b17388d9dd12cc74bc5a074a292f
SHA256 16fd38a3a5262d70b955119e606d74ae72c041c9d5ef717b25e169d32416da71
SHA512 4e1236d8a9c7e0f6f35ceb59bd8ff2424dd906b16f08d916db3de4217e4bf400bdbdc8e5c44b60713707e5d9c595466c1277974604f335790109c6d6b0e1f4ab

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9121b158d5a25ca8a7c9d2fe6fb5ff4e
SHA1 847b6d6f8a05235c84f96d3071dbe173f88615c8
SHA256 5e7d21fa31974356abad50f5eef995d1e34f33933ee35e87c0ee8ee6bcdcf947
SHA512 fcc313cc4608e8ef985e52c87e5d434cb8b7c1baf87acbda0315cd59ccb1b850922406eabc63cbe59c2efb1c93dca757724aa95c05eadce192fc49e6377fa4d5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 953ec6aa95210ff15a0db9fcd2e5bc51
SHA1 9a123f45636d3b6f01a8730e0e88beb3c9b70fe9
SHA256 345ed8a76c1ff6678ffeff594e2543f8a855a4605e1b8f8804d6ac072fe96f38
SHA512 d130ff6475edb684f1cfdf71ab6a0aedd1d279c03730bb9bd58dc5fa2c7dfd77174ccf31ce6be725e7e2717e13bb6ac55e0ab28b015e7b9a3d1fd224bbff8d06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d19f0bf7e60171a54c3c6d91df1361ec
SHA1 b49aec2e3e4e2c48387905409553ad9d8de0c0fd
SHA256 4991df8382e41e4bb29b4d401b2a4cbd321725c0492a3c839c36a48b988bbf29
SHA512 d0e49347abf1b54e43556cbaa07c854a165bce06489ddd2e79a960a807866a187b8dc2c587de81c314815f0d0aeced1acb7784da27b362934c0d4fd6caf82235

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f3971aa20505149b2ab08a71e3ab6fa2
SHA1 7ba613a02c44ec82d5dcb251760f61ad7aafa231
SHA256 576d941b8101194bb01b1565d8209a735b97e7b87f04252bb187402aea3e6fa6
SHA512 339808906d1a38ed870f96d8de033753b25f1baa0dfec4013135f38e3b81145d63bdac2306bf1f8567de41a0252c52510ed035698d2b5ee350c5dd49b517c41e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c20fbde230ade0d5ee5bc1942dea232c
SHA1 0c6eeb6ab50fff518c6c7748dc563b38cd1a8761
SHA256 50f84e262383ccba2ba3392f78960221df684efa150cbac1103bdbf92b3af533
SHA512 5ccb8962e79ef2fcc43c34be7c885ead04d5059c930fa2b3e0b96bfb96f0a1eb9134bbc79b10d191a2c65f26c7131d91bee0d9a7416a3b48ff9fda2f41be382c

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 12:05

Reported

2024-06-03 12:08

Platform

win10v2004-20240508-en

Max time kernel

135s

Max time network

142s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91b8ca89b24fb9cf6024b83032c21265_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91b8ca89b24fb9cf6024b83032c21265_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=3784,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=4108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --field-trial-handle=1280,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=4660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=5192,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5224,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5364 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5356,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5468 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=5856,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=5848,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=6108,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=6140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --field-trial-handle=6292,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=6312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --field-trial-handle=6460,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=6476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5780,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5624,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=4684,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=5648 /prefetch:1

Network


Files

N/A