Malware Analysis Report

2025-01-17 23:21

Sample ID 240603-qlqz6sfg5z
Target 91ef226593db80ca43e18938f8e8e771_JaffaCakes118
SHA256 5baa0d27895587e5120210ec57e9b3c908981fb6627db311942075aec9ebeb4f
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

5baa0d27895587e5120210ec57e9b3c908981fb6627db311942075aec9ebeb4f

Threat Level: No (potentially) malicious behavior was detected

The file 91ef226593db80ca43e18938f8e8e771_JaffaCakes118 was found to exhibit no (potentially) malicious behavior.

Malicious Activity Summary


Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 13:21

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 13:21

Reported

2024-06-03 13:23

Platform

win7-20240221-en

Max time kernel

134s

Max time network

128s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ef226593db80ca43e18938f8e8e771_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "12631" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3640" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "282" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "400" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "288" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9977" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9981" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3634" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3640" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3552" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "167" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "3634" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "12631" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "12631" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9981" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9977" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9488" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423582742" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3552" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9488" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "282" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9981" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "410" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "498" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10851" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ef226593db80ca43e18938f8e8e771_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto

Files

SHA1 3f60b1d9960850ccfa17b4c2921ac6ae2e1f4440
SHA256 4259e87e0930c1f5e54144a155153b11da73dd2abcae0fbbd9cd83b6b6e80077
SHA512 f84c32722092438a67b4e5f9780c7177b48ac5acdcf7e25f193f33f0af001fbc8283228ffb7975a328477c1caf2c0f006789678cc95ffcdac964b289bdd980b3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bd97ae74920a6181deb49cb0417942da
SHA1 e8ef1202320ed2d0a1d88cae569a98eaf0fbed48
SHA256 9c1fa953da2fd03f9efb5fa2b256c0b692ece8f90d3540cdcc9a4c1e2448971f
SHA512 9105a3c7c9ecee9b8aec03111054249c61dcd836e188a26a71ed2946bd7065743fcf0fa486ec7c04be7745a1f3024f0fe673e96fb2d1cc01bc627bbaff5117de

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0990d2b7dc2c1ca498e576f44a59c300
SHA1 8bd03fa655147f7080bbbe1bb2ff50863734d1ed
SHA256 ffbe57463bb3110e77eb062903e4eee41af1764c704c852f663031382bfeb270
SHA512 4640fc7c83c33e91b921f403ba63067d51d89a978c8818f97569ae5be0e9d56ad3b19934b878aa7c699421afd0897715af66d5230aa1d8f7e56fc50f367b0f72

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3115735adc8d0e114269dbb9ac845e6c
SHA1 2dda9f9e53594cea92cf598c164d5d775e2a6c8d
SHA256 25d6d9b44f99b2c8646373c9205baf0f2dd377a8eb02d6b1bb7500a7fde06ebf
SHA512 73df4ba831e8f573205bf224f505ad6059f609743551fbc02e010812d99a58ab00f29e2302e6aeb84521dded945ad51206af515bd4a0976ca5d2d6c341bf5056

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5c371ad86eb831a1306893611811f156
SHA1 ca355b58a97be7f8e188812850033e68e933643d
SHA256 8d53d50687b5384e3f9c820243df3620d80b41d66f783e1d7666b79819d2bb87
SHA512 edf247c4746a0d8b591253127fefe9110a76b79e05a9306d054dea3d3fe28883a21d875f033f2be5d9086cd2b8ede7fde3defb11ff948402f695d495fb2c8683

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 db02a3f01911df33f56e86ca72d6d093
SHA1 c2cf07001456155f6cb3a5c9d5f468d962ea7585
SHA256 d4afae9974b6f95025378def7ab552ab641451f1c82cd8b3918a768a6c02af24
SHA512 c1160a2c879d5c422bfd4c719c2ac812f8b6cb7e6447f7b7bb378d92a193fc33df882e389613518299f56665a9b7d7efd43f9cab53d34ca9520421341c4558f1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e718d789294eb8938cd42ec8d0d3a6ec
SHA1 674618f113c9f03d313cbb0a186b6ecb61eb96fa
SHA256 8dcea2f030b315e62fb5f3532fdea19e1d7598000c14d319f852d40d6389da5b
SHA512 6d0f48dbd52ccbf51f8f18cce8f936c28ed5aa0a12ba639b733c562efa3bfc758c0f39afa5c726071fa7005bdf107e9046e1477c485946226444fc9a22dd454e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 04038a293161c6fb6c5abf54130acf35
SHA1 c159489188d5bf45077b8d269855d379af0faf94
SHA256 414702a14708614bc762c402f83e71eac5b5e543e9b6e6b2085a32017b28d140
SHA512 80ab43859fde068e4c67d0a0f33eaa13ca83b5256e1ab153adf4ea480188d028cf8516ca3375a2cfe4c8608033c89d85a2c6d0426c0d109f8afc6ecfd226a9d6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 de7212ec0df3d2d13685893146c71daf
SHA1 acb384a1f18f015d5be11df7405fe0ae7b6effcb
SHA256 730ce0d3e3573ed426a61b7853c44ef9d2ff0807d71bf71ef64dc1c038e19c87
SHA512 36052ecf9909e23707e6a6b5df27ae23d427e70f5b07e7550d62f82d4684411fefccea6fe584f5f16a33862c322c11c37a570679d2ceb8e2b9135c711c73fe28

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5a066ed123df0c559fa204aa568363cf
SHA1 0477a5a6e2e86d7f2d0c85b2d02e7c523e1f4697
SHA256 3f83b84be59bfd1a91aa6921bc75fd154a964ceff67a878d322612c32a0e0510
SHA512 2d8fcb9e14fa3ce229d93975745521ac1ec6a9fa0e1c76bdc446db4307d177025d66fbddbf9a47c492c8e526dfd9eb9229b1a111dc1e1d804395999093c47c06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 18028eb454c688ee363a7667e191eba8
SHA1 99179e59319e84c8c2b62552bfa7390f2baf202c
SHA256 7531ed6ef3c679121be0759e728a881754c934418aec553a2d9207c7f015534c
SHA512 7adfe3791ef052e5d563b4af5793174ce0697412590275a6dc96ca428e88d3703140e16c719e25fdaf8f35b2065ff3184b54183dd59af8c0964991d4f5c6908c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d6a1c7b0ba4619bbd09d45ee88f7bf5c
SHA1 9a453d953aeb006e01fbb2dc920036b06aba84e4
SHA256 577bff200e9e6cec4e9a3c6c3ff9f395ba8f1e4eb5cc5c91ed577904330de675
SHA512 a45b5f7c51e5cb0649a5af0594d3087c65658738d7629ba7b51c8db043684fe3b7f3a84531e325e580f38b659a906348bcfd8b6568744ea9217343857c0cf2a3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4165d60a5c4bf6f100cca6714008b95e
SHA1 48fbf0a951aa5e8f10ae96296b03807fd7f86eca
SHA256 e7ac7679a3b9a23ea4073d47263cc4c6fda9b45094ae3e546b1b4aaa591c83b8
SHA512 1f9c800c758961f7a582b2ee8673708124ed92cd81c279ef731b4d5027af77c07635fb9079f0a2364e91186079f96211268108c33227e08dbbce8fe8adc6e932

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fc47b69acdba8490ff1e4c01b7505ce8
SHA1 c4262e840bd198f7315ed25abda3944d02574486
SHA256 be4b2eb28900540b8f1805ae4d8969e6b210f45a7e95f21dfe18602199037a56
SHA512 907ee66995ee69f807025e74e27896384e6fdb664a1706764400b9e7f8f587b83f98f71a10e4ef68afe095d9e5e9f17908404b526ca036db965601fd3183aea3

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 13:21

Reported

2024-06-03 13:23

Platform

win10v2004-20240508-en

Max time kernel

136s

Max time network

140s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91ef226593db80ca43e18938f8e8e771_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91ef226593db80ca43e18938f8e8e771_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4140,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=4880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3960,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=4664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5264,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5284,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=5344 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --field-trial-handle=5288,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=5692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5736,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=5832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6024,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=6096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6104,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5304,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=5708 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3572,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=5572 /prefetch:8

Network


Files

N/A