Analysis Overview
SHA256
4884b0a38b9cdb44f4ea4a371b0d826c61582a021e3b4a2913aae3ffdbf8e626
Threat Level: No (potentially) malicious behavior was detected
The file 91e3ad55db8f7ac8dccc0039b8bc5283_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:06
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 13:06
Reported
2024-06-03 13:08
Platform
win10v2004-20240508-en
Max time kernel
145s
Max time network
140s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91e3ad55db8f7ac8dccc0039b8bc5283_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd711f46f8,0x7ffd711f4708,0x7ffd711f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,8673810175032829099,9265573251514776862,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2672 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_4876_BELNRBCZBDNAHZEI
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:06
Reported
2024-06-03 13:08
Platform
win7-20240508-en
Max time kernel
136s
Max time network
134s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3872" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "16412" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "3872" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10281" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "7406" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "7406" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10199" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "16412" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9497" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "7324" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 208f3f0eb7b5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "3954" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3872" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9497" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "12960" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423581852" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10281" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19783" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "12960" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10199" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "7324" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "12960" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "7324" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1760 wrote to memory of 808 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e3ad55db8f7ac8dccc0039b8bc5283_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1760 CREDAT:275457 /prefetch:2
Network
Files