Analysis Overview
SHA256
62b8843ca2fc1621e982507cfaa281a2c91fbf02f9cbdc9c30ede9115ba05112
Threat Level: No (potentially) malicious behavior was detected
The file 91ecbaca7904162dc6dcea8829df168c_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:18
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:18
Reported
2024-06-03 13:21
Platform
win7-20240221-en
Max time kernel
134s
Max time network
150s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423582581" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{C69F0FE1-21AB-11EF-A6D5-5A791E92BC44} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2236 wrote to memory of 2240 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2236 wrote to memory of 2240 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2236 wrote to memory of 2240 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2236 wrote to memory of 2240 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | cdd.net.ua | udp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\CabB0AA.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\TarB1FA.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6181ac6307e3f13bd952f241abfb8d03 |
| SHA1 | d510db8584dec098075e75abe54eaa5939fb6cb4 |
| SHA256 | d44573b4aebbb2c38918f6e3ec22d12b34323a7f47581d83b2414427581f382b |
| SHA512 | 55e08b866b044ff8a546fe1713ccb21d120d6628dd69d81721c73c7772cb309a71658e9cab492f52c488c19825fe21e4fb30d3a728e225761225d169e86f6990 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3c9e3a23fc72df97170018d31f53283e |
| SHA1 | 95a7b1f342b5439903c24b28e55dbc51c4867cc5 |
| SHA256 | 3161b8732e46e7583c21a854f372fadd0b855ce5f718cc4c686544896e1789bd |
| SHA512 | 514da9567f24cadf984a851e917e4a44e6852c13f3c87cf301e471f5ae6791edc7951461160034b9737569420b28b1e3eacd89a1d7df945d9ca77bc294d62f05 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 640dbe850de4fc26814eda0d804ffff9 |
| SHA1 | 6cd221dbde547ff0e22048a007f012fde26961b4 |
| SHA256 | 0f0b92876989351553c4bd77f77e468c9f9602fc0558c831d65eadeaf99498b1 |
| SHA512 | 46e5cd2dd97fbe622fa7d934c952b2a6a4ee8bfa8f131d751a7bc005940a3418919b11803871097d510f55c4437863e26fcd70f026025d09c6e7b76cb9034023 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 545c2829541f306695f5733e28373761 |
| SHA1 | 45b7d133bfd2f77adc5b9a4b85081175efb167b6 |
| SHA256 | d69406ccd4246bbd69889561c01eb7f355060f5888dbd8932e813f53d2d460db |
| SHA512 | 89e8ce297da7174e3378abff026ec24b44d9915fa4035765c93235b36840b4acbc013e814298bb2a9b7b26088628a32f02fa03bd78f56e1b074c8eb7c40bf21a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 90261927cfc9ab5ae15e1abd67c285f2 |
| SHA1 | e33228ae9d74a5dd427526112e504b271bcb6857 |
| SHA256 | 58511f1e67898147be429d7440b782d3f2c951b80ea53a673dd838fec60178eb |
| SHA512 | 5257a7109b59d7d21ae39c9f8544dd5ee69937a92d48df21f8f9b19e722ac2e78eb1aba2359975c3d24b61b6878e8bc9be8d7db52463d4a47e4a930f90eb337d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b61578a866c63a1e4ec845e750a5e2aa |
| SHA1 | 0841bec89486ee93c3bb087d275c667aa2baab74 |
| SHA256 | 16aff5b1e70d86ab7dce605d563235d4d87d2ed15b6c2b5ec2b3c5e9c8f0b37c |
| SHA512 | 4e3c0fe03c29787351a64840fb219424dcc79a2d7c63c53ca31825d037c262de3aba43ca1706a4330b005943a1278b37db6a39cdc6d2e5d0d2ec360a4df1a0e7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 539e878414a75569ff0f2168f0fe817f |
| SHA1 | bb88ea3af63538416191e61eafbf496dd30f19fc |
| SHA256 | 0fc5d080f080d9eb2114bcc899a48608d2ba67a0ecdbc8a4739362bb865b5827 |
| SHA512 | fff097cdd677768aaa16d037b55c790da0fdecb4adad5de09105738dbaca9646735b33042801a31e1f2aff377e98bfd3906de5e2110fbc56354c12f8ce31839f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c5f76dba6504f7fc28d116b9959c656f |
| SHA1 | b2578fbb5a4fc441f26aa10bda8346b7799ed3f0 |
| SHA256 | 4954f72637ee62f14a36398f6e47dcaf2016cae3db894a15aae0c6f69743ffdc |
| SHA512 | 3803469d3ccae7edb3810fb3dda2ed4b6dfb099cb367ac617f54a0e6973e2237267f44c15b0034afa6af72b37133581fc42744b88fd3743f74d369b6efeb5946 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d73fde96dd3d7c4cb95ece28218f6bf4 |
| SHA1 | 659a324c160861eea3628aaed94d30e4534a0d32 |
| SHA256 | f416792966c8deb480c5b342186159a304092484e857c281023e6abcc39b973b |
| SHA512 | 55bd72ace4df51ea2354d11dbd98d5598eae40d188fc3386ef318885c80cd9b05e8c4fc8cb0f27f4b88fe962999240308da287b9f46e30a94dc15e422d1d3ec8 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 13:18
Reported
2024-06-03 13:21
Platform
win10v2004-20240226-en
Max time kernel
141s
Max time network
150s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3692 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4948 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5388 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5376 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5540 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| GB | 51.11.108.188:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | cdd.net.ua | udp |
| US | 8.8.8.8:53 | cdd.net.ua | udp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 2.17.251.4:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| BE | 2.21.17.194:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.17.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| GB | 23.44.234.16:80 | tcp | |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.42.73.29:443 | nw-umwatson.events.data.microsoft.com | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| US | 8.8.8.8:53 | 29.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 13.107.253.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 152.107.17.2.in-addr.arpa | udp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| PL | 89.184.88.6:80 | cdd.net.ua | tcp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 27.178.89.13.in-addr.arpa | udp |