Analysis Overview
SHA256
b798138627595c5afa8cce796a6a58085b431371e65eaabc360dc320f2d16857
Threat Level: No (potentially) malicious behavior was detected
The file 91d3f039c50f7ebf2bd7577922e01867_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 12:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 12:44
Reported
2024-06-03 12:46
Platform
win7-20231129-en
Max time kernel
141s
Max time network
147s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FA825561-21A6-11EF-910D-CE7E212FECBD} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423580520" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 40b502d1b3b5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000040ae844599547f41b24604585051770a0000000002000000000010660000000100002000000099454d44b0f0f0c0f360b100987882bab47a2e39a8243f5109db303c78b93b12000000000e80000000020000200000000716dbcdda6fba950dd6c42abe47213d71212ca863108a141da3b94e6e7349a520000000b4bd094b0d8e02666765c11fc3d1d4cae3f3c731e77a87a1f52eda30bb5119cc40000000e7c52d150d2a9bb35d6bb1b47349837b913893bded051ef2c6c9cfd71ed85b90ecf94aa9fcd4a10abb5d77da2fbbef56f556f6223a55a623dcde6096cd8f3d6b | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000040ae844599547f41b24604585051770a0000000002000000000010660000000100002000000018eb09fdea6a1f413e386dc326866f997bcdfe446607f0707b83f8bbcb6de2fb000000000e80000000020000200000009a890db081a6d372c8d3ead4f34286d9cd0dcbd7e7c01fd345e1167f893ae1b590000000632f2a8c1ff3354379d60a611feebcac19fca874835cafe2513de5fdf88fca513b3ea98c231c3dcb5f00ab7c9f372d787ef0dfc9bc4b8b9e1d52ab66f1ff409b5e7661806cc3879022ea5e465c70b04ac7788fe3e3c1b9f81a7c8eeeda98019887549ea678aa7f1790fab88a28f59764a3f5fc712384a5883a1b928ec0099d7588fd2d96d796fe91d4393f079caf0ee9400000001e122badab2509966e113d9552e3ea496f52261e0f35b32d94e51ea61ea10f58c8b7ded06389d4403958418c109c894d40ce0922e080f97055bd41de8e60cf8b | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2244 wrote to memory of 2388 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2244 wrote to memory of 2388 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2244 wrote to memory of 2388 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2244 wrote to memory of 2388 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91d3f039c50f7ebf2bd7577922e01867_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2244 CREDAT:275457 /prefetch:2
Network
Files
| SHA1 | 918cfbd982c0b55e6cac7110a70ea3151eea520e |
| SHA256 | 090d3e67caa72e8532cd98b6563e74de93d53b5216d584586a61fbf7d288cc66 |
| SHA512 | 7416d5f45a3fc7c1adf4de23cb3c55d9715e1cec3c493834e612517fe8a6431572a8ead64160abf1524eac5f5709e12f6480ae35f4e7cba260b8a09b724b5139 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 80b5253102f5fee7fb50366b9023a3b3 |
| SHA1 | 22b1873f651e56aa7e36c6d1a0880213fc61499e |
| SHA256 | c8407dcdb73be2fe497f534c20890149393333d209a8251e5f39b35efc5b6748 |
| SHA512 | bceb208228c6f8fbc013c094f930a1c0a6f19233d181f4c92095e8b3e2a4195ca4ef03f91931fa0e1c85e7f8118c124fe9078bb1ec3d687b94b8532a6347c756 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c7a31aa55f9b60d0eaaab7c7abe16d84 |
| SHA1 | 26711d912863c0cf5763bf90d90d360af3257f2a |
| SHA256 | 64531ff7799cb4fb8990de19e1d775a03d674d15d6aae9c7fa754d570a1e5538 |
| SHA512 | 9e022500303b6a9ccb2942dd945b0ebf7cee3843a758a4a6f7e0e314ef271eaa87e114258e156f82f8ce7c4386d420a0a88375f37e9ae31714f2e2c546361aa7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0563a0d488079cab3993ac8cb554a485 |
| SHA1 | e1dd0d88f9a9fbbd0974cd5675ff1a4665360328 |
| SHA256 | 15f0946aecf12b0ae055ce2ad7cf88152aba39874281b2fdbcc3430f28a36ec6 |
| SHA512 | 9aedc742c46c173dfe8fc19a71e5a600f92ca0bae56c2c0d1895f29aed31c9607403f49f9e6a3bcb0bfc228d3bb811257723e497af0f5dd35a9084e771ed2f77 |
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
| MD5 | da597791be3b6e732f0bc8b20e38ee62 |
| SHA1 | 1125c45d285c360542027d7554a5c442288974de |
| SHA256 | 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07 |
| SHA512 | d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 60e0e45514fa581cf25fbd785cac4ca5 |
| SHA1 | b2424cf3ce307de89bbb9b3eb2c455f8ced1b5b9 |
| SHA256 | 2668bf1405b381b65a1ecd534b0bd8c777ad0cca0c446d185a9742c3217bd88e |
| SHA512 | 244609ef64ebb0fe707e5957aa7e607d84e60819f412ded9565cb098e2e1853575c3ddf3beaeeb7ae544cdfbd7d5257e611519acaeb7d71491d981fe914b5ef4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d1e457ca0e30a38e9a1b522f23412801 |
| SHA1 | 61935e50b98e4dacbae371f95dd230b6eac7893e |
| SHA256 | 0d9e9ac425c18761a65aa0dcbce82875bcfac6771629ad1b55bf1fcbb86179d8 |
| SHA512 | a0b52aea7ba35dd24e2b65def3cf5e8a43e284d81c5490b568e31cfc22c1212b1b939b0fa4240d325d27f71c8a37f60cc05e4b5ba50700954267710b316fbd70 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e6842adb0e5fd22dc54409098bcc0108 |
| SHA1 | 0147693da0d59311294f1bf31e73bb0320156c64 |
| SHA256 | 4edb8619d8d32ddf40b754e93468bb3f84f4907604f9d2a510562063b11d3fbc |
| SHA512 | 0ac00edd521083abca5d05ebb152426e7a7d3e1967fdfdcee877e7cc61c8819694b8b01c51257c86073810d5f56b1dca5f1ef88f59f875b139d809d271616c26 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9670b652f1177264dd6b96995b47b8c9 |
| SHA1 | 922e28650d1d4662ca4ae6c0a0f2baac210bb481 |
| SHA256 | 0d025925abe90c0f8bf58a5f5290a44ef416d14833e4946f3a3df2bb41cdcb69 |
| SHA512 | 663fcc089fb22abc246a879bc680d4d32881d2e59c0d2c7fb5cea7beda7226e59ebdbd8ae3414f24fa03a244b4f7e013322a91ba89b4fb7a436d73a727ba7fa0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 71cdaef9186a3d1551cf1565a2c9a206 |
| SHA1 | dd5f92e3137ed77bd084343b4b02bdbe8f72eec3 |
| SHA256 | 7ee0d8b8da75716cb084f4da534628efb6e2d0c335e7f8665fd26a34ad9a4066 |
| SHA512 | e436c9ac11a02f8aadba29cf226c251053365d8ef766d6b9127f10cc3f0fe0790fdf6a6992527fe6d4dafbdd4224a93fa8d0cbc74e5eab32c50b24b92d8608dd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8335d96de913b17334569583c03f3ba1 |
| SHA1 | 4471fbff03317e7cd12ed1de9e14a2bb7d98d8c9 |
| SHA256 | 17aecf97b44e9f4439ed4766ba760848e3c02f41fa295b015c7dc74f9c8d1802 |
| SHA512 | 1ae91ab26f057f53855c2a872ef9d65c1cee8672a45b7caf8579d96bbe95a0dfbf4f6d4bfd6040bf973ba9343f0f4d998c32cccde199de56bea27afaa5041de4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2541655f203f5fe2292a50c3b24c1db2 |
| SHA1 | 0e89330e4ff910b6be1695c30ad35356f59fc103 |
| SHA256 | 695ea861d11cf81ca2b2a0b5d52cc15725becba04ee594d74839dd1a40d7b2ad |
| SHA512 | b98437b560b95c33f583f381b14638f7e92cb67897468acdc02612f52e3b7f36aa7ab47a2cdd9ae3be28b73c55775424aecdc932a08bb92283287debe5448f0a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 700c729cacaa15c81929b730db8c0e49 |
| SHA1 | aedd9e2be9f99e9d6136a1d05dd30ea4d9dd06f2 |
| SHA256 | 10ca733695e6bc460a45d89b1ae5ecc61ca8cb8d5672c9204dcfb4dcc424145f |
| SHA512 | c9b8d984b102821aca976fc3ba75487e8d3d57deff985833afa146a355d18c52d0b0b99cf012e0b6993665cbdfd76c955e8f5ac04d6acf072ef8abd67ff23cc1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 84dc1544f843a04d897293c965ff378d |
| SHA1 | aa6f09334ae4053815d83f562d06b246fad08f85 |
| SHA256 | 4692af9b51d2d11161cd7788c750012fe07f97c5910846259433f40ab6c4a162 |
| SHA512 | c836c12c54b534edb76e692bcf87018bb3ffbb75b3b84ac8269b9c88698f2ab1c075850ecc6f55164d9949c547f30990369866cfdfbc868bdd6829e2d10bd657 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 56d028436a1a572df2457d05aa77acb4 |
| SHA1 | e938181928919f35b8fae58d926ec499b246588b |
| SHA256 | 23142871ffae78b4ce985562f14b9febe1088764b684ccb33e15ca0ae4ddb94f |
| SHA512 | 9f854af8f0f505e9cb1eb8a833c492a8b29345df07be2e1e24e2331aea2b0064a510d56643536f4226e586c67e776d610f299c1c24f05db7825ad83d64d8bf0d |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 12:44
Reported
2024-06-03 12:46
Platform
win10v2004-20240508-en
Max time kernel
136s
Max time network
138s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91d3f039c50f7ebf2bd7577922e01867_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3800,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=4552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4124,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=3708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=3832,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5452,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5440 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5468,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5536 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5476,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5860,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=6160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=6532,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=6520 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=1036,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=6700 /prefetch:8
Network