Malware Analysis Report

2025-01-17 22:49

Sample ID 240603-qae4jagg44
Target 91e1cd10c39a49fca58780b6aca33ca2_JaffaCakes118
SHA256 d05d567d0293639ca38f29de3a3b821422a54ecc89b0d467e3417ea44329fb19
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

SHA256

d05d567d0293639ca38f29de3a3b821422a54ecc89b0d467e3417ea44329fb19

Threat Level: Shows suspicious behavior

The file 91e1cd10c39a49fca58780b6aca33ca2_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary


Program crash

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 13:03

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 13:03

Reported

2024-06-03 13:05

Platform

win10v2004-20240508-en

Max time kernel

150s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91e1cd10c39a49fca58780b6aca33ca2_JaffaCakes118.html

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2124 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 2352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2124 wrote to memory of 3860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91e1cd10c39a49fca58780b6aca33ca2_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd6b7d46f8,0x7ffd6b7d4708,0x7ffd6b7d4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,3056950978825959323,14308941192296295106,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,3056950978825959323,14308941192296295106,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,3056950978825959323,14308941192296295106,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2936 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3056950978825959323,14308941192296295106,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3056950978825959323,14308941192296295106,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,3056950978825959323,14308941192296295106,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6320 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 www.guidetocrypto.com udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 8.8.8.8:53 stats.wp.com udp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
GB 142.250.187.202:445 fonts.googleapis.com tcp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 92.194.67.172.in-addr.arpa udp
US 8.8.8.8:53 152.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.187.202:139 fonts.googleapis.com tcp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
N/A 224.0.0.251:5353 udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
GB 216.58.213.2:445 pagead2.googlesyndication.com tcp
GB 216.58.204.66:139 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 192.0.76.3:443 stats.wp.com tcp
US 8.8.8.8:53 3.76.0.192.in-addr.arpa udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
GB 142.250.187.202:445 fonts.googleapis.com tcp
GB 142.250.187.202:139 fonts.googleapis.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 203.107.17.2.in-addr.arpa udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
GB 216.58.213.2:445 pagead2.googlesyndication.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
GB 216.58.204.66:139 pagead2.googlesyndication.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
GB 142.250.187.202:445 fonts.googleapis.com tcp
GB 142.250.187.202:139 fonts.googleapis.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
GB 216.58.213.2:445 pagead2.googlesyndication.com tcp
GB 216.58.204.66:139 pagead2.googlesyndication.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 612a6c4247ef652299b376221c984213
SHA1 d306f3b16bde39708aa862aee372345feb559750
SHA256 9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a
SHA512 34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 56641592f6e69f5f5fb06f2319384490
SHA1 6a86be42e2c6d26b7830ad9f4e2627995fd91069
SHA256 02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455
SHA512 c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

\??\pipe\LOCAL\crashpad_2124_MRWXLVNGDMOVPJIX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 44c92274744168d65c9ee8e349baaf83
SHA1 a4dcabad2c22ff137fb6d6f8113a09a19aad5f81
SHA256 03a6b98b0f01b5acf13ab81d3f1e53aa4e0d18e62dcbe8a6f2480cd9328f0f8b
SHA512 53805d5070f36eb2caa17db1b6e0d453bacc3cf48e821a69860eacca1e0122d9c8fb4cce978ef704527770c35f23c9a791dd4b2765de1e14553a08b90a621920

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 6b57837eeee73fcc5a6739492d20bd70
SHA1 54f696b0d6e6e92c5e588dae30d93886c040568e
SHA256 e247a964abd7d4e0b5b3d990ccccb483ba81b9b81529ccaefb7af30b8f192ac5
SHA512 ecffa90d9f7393f14b87c0064a3341da4ef49099f8a2d96a8c5ce4a93b855cfc2ae910ab75cddc8d7ebb67b818727b248eaf2acf45ed39ce8e5e0baeea33d9a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 5e76ca995645a2b531db6fc3f11c97f7
SHA1 775822d9aa57536ada71d3922cdc69789373b3d0
SHA256 f223165da6014b7c0edcf73c32d84932855a0b437abf0f7ccb92baf47c9c0583
SHA512 cbc2a52252735d097d007517ddc7182ab6a2b1d25ad3fae7c378753c431e33b341b503356b4d9313f88f0ad7939eb16c377b99bf6c8d7bb1022de91c41950938

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ac86a138f6d2a7894068b509f293129c
SHA1 a39139f93a5c5e043abf62fdf0539c1743554ca4
SHA256 091d25914f06dbd9f67a05a7cceef3dc982c67eedf18fa2d2b55c4c65934b050
SHA512 338dd4c71cf9975c018fbf370f54e4c460947bb340f9f1924cda9a6cefad9149622643f88a0472ee5c8200cf0204bbcdd01c241f438d137dfea1da14074ff3d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d575aee94ccedf8be20ac7ebed4000c1
SHA1 64e563a71f79f0aaaba79c7293673a5ae4875ff0
SHA256 690c12dc7012c8909cb1c8bd8f2040803c1b6c4ca450256023e51540f2588e81
SHA512 8e2768127325c506366796fcda0a08263609d3df11e206bb3fc6068ba6529edb5888fddb2663d882fbc785b60d3815614a1558e5325ff190044dc3929d71e470

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 17f0c85e960f3e70686ba8003d7df364
SHA1 91b968b8f1f0d8a0942eadf27815da0b0988ebc5
SHA256 d51980edca3637e86ac5d88e8ecf067d9190cf997d92e8b8aed40b27d1c65952
SHA512 236c8de1e6af14d47c7199a742d21084deadf93dd58f8cd0369b92acf022bc76a112f1490bb457a394c8e0afc7db0589843414a5bc9ba7c725dea2a6126791b9

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 13:03

Reported

2024-06-03 13:05

Platform

win7-20240221-en

Max time kernel

122s

Max time network

127s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e1cd10c39a49fca58780b6aca33ca2_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005797905aaca88c439f6f6b078f47e0f300000000020000000000106600000001000020000000b01945e5997a7db6c262f1c603ca4a631871cadd7c952ac9704e6a1cde9a70a5000000000e8000000002000020000000124c49a392a9b5881e4c9a17d63ccb447b9b2e1ff4159e139dfafaff95bfc22420000000161f8774f2c9c02c2765b8b2fe062f1eb7c28aa89d62da419ae5ec30182ed96c40000000fc7d23f28307afce0b7899693893fa6f3c1ebb67a04f6847a9d94ba349e5b3a4790bc598c270054efc7acc2db62f2452bc791a38baa9f056c252532e0f7a2dcd C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f017b5aeb6b5da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A437F131-21A9-11EF-ACCC-D20227E6D795} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423581667" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005797905aaca88c439f6f6b078f47e0f30000000002000000000010660000000100002000000040fe0be712612a377a94f47619045e7a38de153a7394a547dc804b6344fb510d000000000e800000000200002000000012becda77a8af9ce659d766ecad25c2bbe719a1ca19378bfc0470772fd63431690000000370e46657f0fe9ebfbc33d0a0a3d61081f82845ad1a64d2c506911bfa9d049befd6acefa330ab5d4e0ac110fe083779f0730162fc2aa4d02e9e0df3c4ad3029acd54455c4c58fbb8f939c8b61d2e159dfc5bf6659915280e0c6114674f4a0beb5076dc35a9112c5303e9d7d96786c958677aa06c968a3107e29ad71e97223f80d41a608bb20785b920c41130ac92aa2740000000cc008595f30ea119bb0442897c8bd013ad6daaa3ff4deeac24d01206efe662cb83aae49c411f9f15178d6caaf6e637d92c627ae011865bd407f607240fd367e5 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1784 wrote to memory of 2056 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 2056 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 2056 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 2056 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2056 wrote to memory of 3896 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 2056 wrote to memory of 3896 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 2056 wrote to memory of 3896 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 2056 wrote to memory of 3896 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 1784 wrote to memory of 3920 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 3920 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 3920 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 3920 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3920 wrote to memory of 3252 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 3920 wrote to memory of 3252 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 3920 wrote to memory of 3252 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 3920 wrote to memory of 3252 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 1784 wrote to memory of 3820 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 3820 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 3820 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 3820 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3820 wrote to memory of 3808 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 3820 wrote to memory of 3808 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 3820 wrote to memory of 3808 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 3820 wrote to memory of 3808 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\SysWOW64\WerFault.exe
PID 1784 wrote to memory of 1916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 1916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 1916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 1784 wrote to memory of 1916 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e1cd10c39a49fca58780b6aca33ca2_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1784 CREDAT:275457 /prefetch:2

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2056 -s 8308

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1784 CREDAT:340994 /prefetch:2

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 3920 -s 4716

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1784 CREDAT:209950 /prefetch:2

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 3820 -s 5332

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1784 CREDAT:1389596 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 stats.wp.com udp
US 8.8.8.8:53 www.guidetocrypto.com udp
US 8.8.8.8:53 authedmine.com udp
US 192.0.76.3:443 stats.wp.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 192.0.76.3:443 stats.wp.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp
US 172.67.194.92:443 www.guidetocrypto.com tcp

Files

C:\Users\Admin\AppData\Local\Temp\Cab6BB0.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\Tar6BB3.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 25f117789cc91f5c6082e85e8d132925
SHA1 c3935f4542772114d8817f7489bf99d2c16efd61
SHA256 ca58bde5e1d15232b7ddcdc2e5d37714752444c8b08ac6b58ae8bce6423cfb16
SHA512 11655ab95271455c3456011f2307ffd89359a107d2eeddbf515802efb70fe806e24ce368365f259bcaa9e6d542a3e46d73fac6914271c3f4258293e6f0da9724

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 13ed5e0369cedc64c8437eb9a493a981
SHA1 880053c91809fef7b2a3d688143f554d5a05c0bd
SHA256 3560614f2f62c19498d2ad6c3b9fa8f232883167479de05e924a5a3ab19a8454
SHA512 18b3c940a3b722b58c476af4141ab987ed9f7557c1e52f3f20548b2c209abd67c943761d22e20ed59c36d69f8cd911285aff7efdf2d20f51c35cad62932aefa0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bb88f10e13216bc64b13daf5247ac26c
SHA1 589355d29ab577224294b6dea9e737b9ad855495
SHA256 74253faa73f1c7e41765fd2a8b9a08d5be52fcf20d94980665bc9029e671b618
SHA512 acf59b0a220eb89d23993e98d1890c2f45ea74b9df19d1322f6cbb950f5cea807af552313699597a9ec77b342344481a699b5d6b226f268d773afea9bc37a85e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar70DF.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

MD5 8202a1cd02e7d69597995cabbe881a12
SHA1 8858d9d934b7aa9330ee73de6c476acf19929ff6
SHA256 58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5
SHA512 97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

MD5 1627f228cd8cdd624387355a61815b97
SHA1 6dfcbe77373a86fc4f40ff3059ec88202d5051f9
SHA256 8ebb780b845e965c1c8eb6a55661ac03ad9b9a411c979a9b305f9c7765efaf88
SHA512 bac9a4aa0ab2a7b4381a78c10e66d22cebc10a18e0a8669e843e5bbfaeca0cdf0b45b9f3e497b111aca939ebcda5575e35d9cb604b110d0c5c4e49c15a6e333a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c9033bde29a36de27d610ff3e78b8bed
SHA1 9d4bcf16dc205de44d89674443fbce0e381dac21
SHA256 5952ce3487431be4a131289560966c99c60fcd6d661d17ea291cf340a64f78f4
SHA512 3f67098da95944a93ff288573f437891a1316caab87c179c201bab9d8be718dbedcf6abc41bb1594032025b4b8e7ad0f8e2b967cc6ba0eccdde0cdc2df34c795

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7d797064d94c9e548b1c9a10899e95a3
SHA1 a23acbf42ed00e31ec8e90d02c97b7fcfe448d17
SHA256 a3b5f74d7eaf9b9d3e2687851b59f785dca4e4259f694b45d71b3098d34c6c64
SHA512 00565b0dcf7493dbdceb26350afe47a5fffd42f89ff021c3ebe2c3b560446382d5a74083cd15e5545e8272dd8ecf3811ba320ee6b233d7522b61ffd7d26f6b3a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

MD5 76d4d147245ce8da3cf3a4aff0bc5611
SHA1 edf7b96b65cbe3e3ba82799502871c790d9ebb78
SHA256 46d3ed9486f6c000d1e52b27979054fdbd340efe906522441306ea0c189276b6
SHA512 631a6e44a0b135335bfd4cba07fdebd7bd688379f4012b0d3219f36680d1b735572e69601c631d9a1137aa615a4afd3bb91087d04bde887bd1a1130fe46c5dd2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

MD5 a5fd4fd06ee63ac5b075b857caced470
SHA1 f4e3cad80f1783bc37533ac98f1074b938bae68a
SHA256 9c26bee55d27d69eaaf85f0c4a225e8582cd5cd6eef7720b26d085b22af35d39
SHA512 91f8ad3bf29ba2366ed4a1026e99e3f6a6e03f89c40bfbbf383e738e1c0f15b21d682fab7b3dc1035f1027ec6a677b31a956c96513ab235cbfb3574723e7c6aa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

MD5 61c060748daca8556274bfabc587f30e
SHA1 05b5c3bd691071c2071f7864a15ba98f60cfacfc
SHA256 d3a4273f83db93b4afe9c06918806d71e6268a4b8b41cee65e047cfaa1af548f
SHA512 5a8566c72fa10bf6380096f57f5b3c638e347d4b40adb8706a50f84095d0047c39e72f1fe413f05c819cee4f84b6208d9702e2cbdc2f52e22321bb204edfc4ec

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\s-202031[1].js

MD5 3d9b93cfc93d9ca7cc67a9b70ff4cded
SHA1 fb97ee69263ef5bfcce7a923f6b74888dd10932d
SHA256 d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686
SHA512 7c931a653b861b6c52d36212220e430da9d4ebebde1aabf4e449d3992533f1d1cb8ee000f55f64b780c8c2bc4850c5157609432e1e36bd32550c48f896b02d57

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\e-202031[1].js

MD5 bd2d67186594b0e32223b293fdfcca55
SHA1 b797a9d012c850b53a7ccc12211adcfbcd9ae0be
SHA256 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
SHA512 c80a7cd15e27b24ae6a2b7e9e491bcb24efa034bf730862f07e5cd22a0c7961b451f78b3d80ad212cbbb75b176ddafdf84f9aabd027dbcebae3a8fbd48f6a8e0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

MD5 e9ac5da7662474ff0521c076a0f13c05
SHA1 c2ab1570e42b142cd67d1bdd487144133f4fa879
SHA256 301b4f62584aa9819f7165e56f272c83a8bd1bcec627a432195be051d96fbb9c
SHA512 2993c8a3118f5cc71a5457dd9494b357317832fda2a7be4e31d5ad9c89b8042b65eeeea3437e3a447066595b3dc9ac129f64be44abfbd3f0a7e0faa343f041dd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

MD5 b7d2b406612c2a4e2cb7e6f297b62c9b
SHA1 611c45a90731792e74bc0e3ef83f0f496c852c07
SHA256 48f8518fbfce04646552c7f182102af1f8ec9224bef596a7b8d5372fbea92cdf
SHA512 029c9b333efde5a610c0b6e4f615f1ea61a925fb20648e67cf93de1a99b9b89d48693c35933abbdafbaf0661a4b5042a3df6ff41cdb52d753434f3ab2a7fc396

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

MD5 6c3f8cc0db2586729c6181a2899bc227
SHA1 9119334f9838d88139654144d6b0c069f9becb2f
SHA256 97a1552a67af5875c1ce51a75b8b3a1e08f87d2a17ee51d58603579d0ecfb0ab
SHA512 901be6f101bb25a39b554ac29a135ed4106f7498260b21a84b836d68d64007d6b30c7067a43c578715c7a33f54a6c674f86a218e05fca43e48858998ec36a130

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b4ff0a20111c166381e635a63515dcf7
SHA1 bdf0960ca55a769ebbedf3121d3f690be6e94e81
SHA256 d1c0ef343b8e3e22bf6a0c79a77576c788504ece357bccc10d68a006eae50c44
SHA512 5c32f5e3042369d467f06a74de9eb6553c01a3234bbe11d7c51d23e4b3f835fa5ded982e94f08134e943f4caf41f3cf2b1b94f0fcd7064a31a1b1d86e2794f99

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 70abe2fd84fe616578de00bd83050824
SHA1 61ea6ae91fc9ee6cfb795d57ed29756af23714b5
SHA256 f8039e0bf6ee3b937f5a6d3e1c7580a4b448c4da3b8d01f7ac412aba92571c1c
SHA512 ffbeff826e713fc2897da15b4b105cd0023b9ba7541cc6bc3ad50a485ef24a3b1c35912b125895d54a9beca9d74ad4709f900fd10f65b182121eae2e3cc6eaa4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a780f10b8710f7b5959c15661660e830
SHA1 0286cc0d7bc84703f5cbf468c551fb14b87b0e28
SHA256 2ac3ee6e9867622b5898793ed2e5b78efdb54b8dbc93de4897cd270e4c44656f
SHA512 ffcd01db20172e2a5d1faf2a68da17a1e8e8c1f303c491b5b20fc00afd5d5bbd3151af74128752db294b53238338fb6bee2988d2a58c24ca02023205e387502a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e97a589723eb46c14b7b75a25caf6aa8
SHA1 04a654052e015397fc655d213cdb35793108f915
SHA256 f4f20bef588ce075672a56e4b460116d387209bb3e135eb74df72efc4eaffb4b
SHA512 6dd37c2e5aa927e89d4a64b6ea3f3416c69ca89e18c3be1e5ca02583ac7ed04bb424156ad7003afdcd1f25757cf8608f83d5984e5033162d8dc05e0f797c4c92

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 b605dc665029324f05b33b232af32d4e
SHA1 ff64dd91fd158dbaac390a88e3db829c0ef369dc
SHA256 09dc9868998529d7d8167175c17581e231be064c9ae4ddde0776a3b98d40487b
SHA512 6bdc36d8fb35118dc24ac5bbfe2e0090ff5240bca23379722281dcb7d872cf6bf26933b4de7b62c6c7e22e6abb83e233f484da9f0da944b01fd4409ef7e9e633

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e5d95c8a8850b867f4e8c5fad5d7eafa
SHA1 0fca298b81d60b79c9f13fbc9ddbe2a526968f8e
SHA256 7ba71e3a39155f1c95eccabc388996cc3aed88beb660769603f3611bf3e1d676
SHA512 685acf38e57bbca22433c1e8d333fc18f760b47b17afe3ef0e7e9e25b85a3a719220c8d820b55a18eefd0ab009b16d61552106597ac964d307d3f6f6a9d3a8cc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4c246949b8a68556899fda7577f785dd
SHA1 ea61343f900264d9881f12801a02a6ccac5ba7d7
SHA256 da4d6c2c3a5123b5eb5bc70a2ff72d774f9dc9ae8087172abdbc2b00135a0d4f
SHA512 07a887203342f41ad9c130bae395fdfe5c921f3fc001d3ca5251e17dd10ed56cb70e5a13afa1335f7a2bf53a500f33add96993c766f49cbe0a6a5a425f18e8ea

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f48005599479a1acfb0ec32272f2c714
SHA1 2920d7c380761e2a7f4170c2947d217e3138d042
SHA256 663d60d4dfc4bcc675df5fb008caee4bd0dc42f2626e024b6065a642c53cb1dd
SHA512 ad91d23ce6180fedef219cc213bf4d6eaef6afbf79e87771dc821b0ec55c52298c7a1ab20f64e3d9f81204e25c799550d767893d255d369de2f4605a8dbfda68

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1e12287e2cd93574869bb4d43f7853c3
SHA1 a1a8668bf918a7998dcf437305cbe34c84a2010a
SHA256 11d9b7a1f053f31311809fe3522f9cc08edeb2b724c462475de00b4827bb7a17
SHA512 9691754cf0c451299c1f314f986b2f39fd871dc7d2de776687f2630cbb5e7d4f370439e46bb9c336aa9e7866182a33461e9244ab2631441c73a643b3fedb7a58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cfd52c2a6084037809a860c25d1da3bd
SHA1 b9c81da0539694eacb38da422ca5925e2962b690
SHA256 c40bda78902b2fce48df880ca38d7d1d22e5f62bbc1f859b3b5fb8a14a3fffa8
SHA512 e4f735bef37a3f11474369ee01d7a21c63cb1267289b559a937c8a39409cdb89778ad7cd30732089445ac76d62faeda495e283975185a12284c201fac4c4d827

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 26b47f6e2cb37fa8d62d857555f33ba2
SHA1 ce959fa778e03b6bb5bcb5d8c108a9d94aef7d04
SHA256 7f44a5eea07f496eef69439f4ee63a1ecefb531a06721e7a56de0f29772f6269
SHA512 31d804caf3499f97f0f42efee89e27f8670a8aec553d8191a4322fa6a72fa038874c47c5e4eb1c0a9cf13252cf79d1363e8e2b983e89272b18382d0201acc935

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f47571d3a8312a69e815df7cc1daa391
SHA1 4804bb1aa81f1e18473ba1ea129b26fcd77770af
SHA256 5df0162259ee3ff0045c8cc815edf716509bbb5f5b527f2fa5654b2a5d4818c5
SHA512 fbb7d419f997ab9515707f94bf6d63b90907caa3b2c0d86420f6cb7c1947a0688bcd3b5030d9e46ab73aef2d96a2d32e26a42cc9fb2b8612bd0fdca9c92cadad

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2aa1fbd9be1a63a95eff51bc6b8dfe6b
SHA1 b245841debb3c086030b93f9520473922bc8c040
SHA256 5887ba58b6f32758642239ef70d8c31ff2db0d927f16da0081a43afec44c7195
SHA512 8b8d67521d87743bdcc7429ab482dc5092291cc49bce541515639b60ec65d9f76d7ee6b4b52e08d9e63fee6306cedaaff05d622dcb98bfd3b5c148ab7f2ce0be

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 956910179415eec419454bc3d9fe4530
SHA1 88fd767c6d3788ba114d8264093f6b3033ab0189
SHA256 39984b1bbf9a3689dd2499d24228d6659724a761ea21d305393c74ab7b76f139
SHA512 1424004e0188a11c84024c85d4fc5df6c4bcdf4ee5f5d00db5daafa6a3f18feebfdb3f2551669dcbad3c1a7f08d1bbce2b84532b328575e48777e3917c249c0c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cb3877e8af1c05d760e277cb0ba3eeb7
SHA1 180aa382ede6a55fc01cef607af395f1234c9c17
SHA256 be107314e1bb8971fe1fa320a1ab3b5fc84d602abeee0aff75f41ed299fdfebd
SHA512 3e1905a7fc5c28b652b33109086e576063d81df7b97cb049137d62ac4bdc1da78768d39723e387650725bfd71892f9e4a2a7cce572be192054a6d0eec6a4301f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 63778d76601c55610379a62a33e769c5
SHA1 3c23ae8957601e243d7b154a8ed1246fb509a768
SHA256 5f18edb74ce529b3e3a2484933ce8ea0820dde02cae0b5a6a23c6dc2857e30a7
SHA512 aad35b8e1b5d3da60ee013840eb3ac5a3765d58f381902eabd63fd1cb81025eeb6d6cc28f12f8a188a2cc3bdede826bcf17d76e36e1c143b9011a8dab3010f12

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 39565b8b0f84f7d4f2e663df59c13847
SHA1 fa13453273265c110295740253d67979f8a6fe96
SHA256 87d13267f7d5cf5394224c1be116801dd51f6273154656cbd643905d3e281281
SHA512 13ca4e650612304e53f6a7fc043b70003338313291305294d8b571094f85a43d712c77e1e450efe1ef760a6a55e682790f2ebc8596050426162fc689626380d4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9d06353c9e0a9278d281f76137d536f7
SHA1 70d7ee57ab8d03ee9fbdf9e477690b7f9c0848a7
SHA256 443bcefefa73c85f98d1842017f25ac299586d09978d9515a164445a224d2c38
SHA512 a9d777e2820ad3fb0466f42c1cc227ad822eff8ed5ce328018c98e02ab5b9e1e7ed748526b320de5e8655c847c3fee1cbf5cb3f1697ea89728990e4a535fa9e4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4f15916f8adcbe422991e2b9db23aa6e
SHA1 c1dc8dd101efa38e238c7c84f214abe890f53971
SHA256 bd893cdf69b3c36870bc1a49936f70afb9b56c1116aab452bbe8825ed9d3bec8
SHA512 dc92d63a162cbe2ba7ec0fa707f6885054d340091a1a0076464c663355ed466531149b12288f0ba0c5b79bc07cc19e4ca595f0f58faf04e988c3785dafcf0dfc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 80d49ac4f72ac3a6f655dcd95b6c05fa
SHA1 daa826c37455c07421c3746f1906ba9c32c09baa
SHA256 a150703531e06ef3027fbfc9e4683faa7c3942256ee8844d01352e16f643e44b
SHA512 2dfbf501846c41b1119f2d02a1681efc3b25c2402a6225fa65e695183684cf0cd04e8a0b1d915840a9c01e1b1a11b854a316954cb69400edeac3c280a0caf6f5