Malware Analysis Report

2025-01-17 23:30

Sample ID 240603-qm1k1afg9s
Target 91f0b5ca70a87d1e466db87ee8032a64_JaffaCakes118
SHA256 9f47eaf7def7ff5d5973b47fc8fa89c62bc287fa0651c5cb41a6b55406e4246f
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

9f47eaf7def7ff5d5973b47fc8fa89c62bc287fa0651c5cb41a6b55406e4246f

Threat Level: No (potentially) malicious behavior was detected

The file 91f0b5ca70a87d1e466db87ee8032a64_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 13:23

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 13:23

Reported

2024-06-03 13:26

Platform

win7-20240508-en

Max time kernel

150s

Max time network

150s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f0b5ca70a87d1e466db87ee8032a64_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7764F7E1-21AC-11EF-B6D8-6A387CD8C53E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423582877" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\International\CpMRU C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f0b5ca70a87d1e466db87ee8032a64_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 cdd.net.ua udp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 tcp
PL 89.184.88.6:80 tcp

Files

C:\Users\Admin\AppData\Local\Temp\Cab1A18.tmp

MD5 29f65ba8e88c063813cc50a4ea544e93
SHA1 05a7040d5c127e68c25d81cc51271ffb8bef3568
SHA256 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
SHA512 e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

C:\Users\Admin\AppData\Local\Temp\Tar1ACA.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 edf461fac5ef6bf0ac185b008e606f33
SHA1 eb3bf27b41d5a0e52193c7a3fea783437ebf78df
SHA256 b5dd800ddfd230ec9f7eb1a73c9be185dea3adff67e18ab290315d36f00500ea
SHA512 0f71d6859b5d9fe9e864773dd28da273dba15270fdcdc48384094adf932728d877ac711949da4cfe82e04a9910da39859a2eca28b85d83da00e1903d8eb5b39d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0fc40066a0b0ec10811836b7c6b893c2
SHA1 24853fa20e3e3252c840aca793971dda911bf18f
SHA256 9bbee6d4de238e06c15000bf8fdeb31d307fed36630a72df9016882b3b7a6b20
SHA512 7f6cfd30ff4e26a7d97f7ccb71c17f0d97d3e9678e19288abba273a96c51e79dae559254f3af23af2be07471bad564eddb1c8ed48dfc829e4bf3c7abd21abae6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 92eab84612ca81bcbd0e3cc6c724279f
SHA1 d7e8dd35cbc98374e97dfb67c39eb90f4ff15d9a
SHA256 b8c74f67a19056ab539e4a49c6e7908635f0ab44c9d6284f796edc41452e432f
SHA512 a16cd1982e5daba5ff9ce9211883e549eabbbe61783544edf717911b62eeb1dfc809bb9ae255cc7a92f38abde1999bd8ef45fe62fa8c9835016cc54604fd67a2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e77719992f2abeb8601897faec284561
SHA1 a639eb8a254146311704ce0868930132c0e7b1d7
SHA256 4c5dbb535ee07aac01287bed3e99d10f363254042f605677452e3439c7e30ce4
SHA512 856a27327b9b9f7a260f76c0bee90b73c52183a327b3464ae6684b453705c8fdd7fd1442861432c67944466b18cd5a02bb8ee971b8f2832bf61644fb3859819f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9589862eff32df5b802afff87b61d3d1
SHA1 25a17cdd2eeffc674f7dc2f054b96021510486ab
SHA256 9e2f50b7e643ff0a393d5d7c09a37ca2921fb7d74089b40c76ebd98835e86943
SHA512 838d59e2155be89c77d0eefaf73f30f514df81882edd989bcb1105f23b0cf758d27fbd08402400210509e27a51112d0a87fbec672447017f36a78810979208a6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5b513476536e52600f7f9085fa774da8
SHA1 f65145f2d7d78c8faa76996d5439627ef9fe83f2
SHA256 5d80141f5e868e879decc27f4e712a6ac249f4ff9ce8541ea7f76fcc7baf1bca
SHA512 c7a45c06bad08ce6152eee98ceb8ddff422a7fe7eb88d909e6e800cc83a60e0ffdc5de1bbc67254f6b9ec84bc72d3abcc9ff792a8dca66e4e5a03274471c0366

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0d5022ba22f4aadaffdda92e363fd442
SHA1 8be61059d301e57c4ee27da759ef2393943a5b90
SHA256 7879bfbf4625568b9614983ee082ed95897bd55d509fc279ee5592c007024d07
SHA512 6998a6f6d14ffc4c3e34749def08859a00b3538f2ec98eac5866f8388af57fbe33a83489eb2058688ef56b103473fb8953be9d2aeaf6af20a9f1855474874f0e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 62b08e17b9a45160e91e63256b6a16d9
SHA1 b9a0c1c5cfdcfcba327e8656827b115dbf65cfd3
SHA256 fa13fc8b963588579aded9cde04f4257fd84114d5ba39d7fc99d5773e2f580f0
SHA512 7a0c60323666b3d1fc378b72bf5c7a748dbbb2d5677c0dab702d624e7ccab1cf25b9818d8a8e261a61122fca0825c97b4a65ebac6b48013b706547425e54f95b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7ae4957efb9dd2cb30e3bfe8240e93b0
SHA1 6ddde070f2f3a375f6ac46855d18ed7f0bc1a77f
SHA256 8ae1547845d6786c257da82c8eaa08e93d7e30c643a4486760ed9c03bdf7b463
SHA512 4e46c2c6f34fc79f6352be75d802fb2fbb2f1e77a4490f2559daaa33b6f4574793d1be63835b0be3ac395292d31e5f30d3d651e1b50ef57c9162d43fcb1e8709

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 13:23

Reported

2024-06-03 13:26

Platform

win10v2004-20240226-en

Max time kernel

141s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f0b5ca70a87d1e466db87ee8032a64_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f0b5ca70a87d1e466db87ee8032a64_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3976 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5152 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4608 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5468 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5824 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
GB 51.140.242.104:443 nav-edge.smartscreen.microsoft.com tcp
US 13.107.6.158:443 business.bing.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
BE 2.21.17.194:443 www.microsoft.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 2.17.251.21:443 bzib.nelreports.net tcp
US 8.8.8.8:53 cdd.net.ua udp
US 8.8.8.8:53 cdd.net.ua udp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
US 8.8.8.8:53 194.17.21.2.in-addr.arpa udp
US 8.8.8.8:53 158.6.107.13.in-addr.arpa udp
US 8.8.8.8:53 164.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 104.242.140.51.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 21.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 203.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 52.168.117.173:443 nw-umwatson.events.data.microsoft.com tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
US 8.8.8.8:53 173.117.168.52.in-addr.arpa udp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 13.107.253.64:443 tcp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
NL 23.62.61.72:443 www.bing.com tcp
US 8.8.8.8:53 72.61.62.23.in-addr.arpa udp
NL 52.142.223.178:80 tcp
N/A 224.0.0.251:5353 udp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
PL 89.184.88.6:80 cdd.net.ua tcp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 22.236.111.52.in-addr.arpa udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 27.173.189.20.in-addr.arpa udp

Files

N/A