Malware Analysis Report

2025-01-17 23:29

Sample ID 240603-qj52bahb38
Target 91ecbaca7904162dc6dcea8829df168c_JaffaCakes118
SHA256 62b8843ca2fc1621e982507cfaa281a2c91fbf02f9cbdc9c30ede9115ba05112
Tags
score
1/10

Analysis Overview

Threat Level: No (potentially) malicious behavior was detected

The file 91ecbaca7904162dc6dcea8829df168c_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Analysis: static1

Detonation Overview

Reported

2024-06-03 13:18

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 13:18

Reported

2024-06-03 13:21

Platform

win7-20240221-en

Max time kernel

134s

Max time network

150s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 13:18

Reported

2024-06-03 13:21

Platform

win10v2004-20240226-en

Max time kernel

141s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3692 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4948 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5388 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5376 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5540 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8

Network


Files

N/A