Analysis Overview
SHA256
1eb4d90bf59a5853481ad328a1b60e367d19b59fdad4a53f7233e4780f893537
Threat Level: No (potentially) malicious behavior was detected
The file 91f282e4e556f12b1edb8237ddfa88f4_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:26
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:26
Reported
2024-06-03 13:29
Platform
win7-20240508-en
Max time kernel
134s
Max time network
143s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "13496" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10097" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "13496" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "13490" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "20333" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F1AB5621-21AC-11EF-A9A6-4658C477BD5D} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "20333" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000af3b9783a7337af3189c3bd58e4fc805f16aa3c9c02edf079de7e11c1a60980c000000000e80000000020000200000001596dc1f21863d0ac20d1dbb6c50ad98fd4d1354ac9c6ec1bbf5ae7b73cea00d20000000aeee2c0eafc060ec959feefb9cb64669cf91fc30a05bbbd11c756375ac49a784400000008528b22df3afe09bf3a89d70ea893b67b4bc81cfa0e6d0b53fe70ac65a610afc244d21571887263c81e277b57d0e1e3a7672e1edfe1f6bb7df0b2fe1b0404d58 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3884" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10097" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10015" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10530" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10448" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "13408" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10448" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "13490" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "22770" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "13164" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "22770" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = [binary value omitted] | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10448" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "3884" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f06aa2cab9b5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
|---|---|---|---|
| PID 1812 wrote to memory of 2160 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1812 wrote to memory of 2160 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1812 wrote to memory of 2160 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1812 wrote to memory of 2160 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f282e4e556f12b1edb8237ddfa88f4_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1812 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| NL | 157.240.201.35:80 | www.facebook.com | tcp |
| NL | 157.240.201.35:80 | www.facebook.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| NL | 157.240.201.35:443 | www.facebook.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Cab24B2.tmp
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar2584.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | da1ddbbd693a4d2c9649b79c0d0bc8e8 |
| SHA1 | d9cf2413238ac247da5afc5f832acb328dd1d674 |
| SHA256 | c1d97119b673fea689ab2b20efa13e010663f269914cd55d9ad820e40c732e3f |
| SHA512 | d7792af5ceacf16e2e2ff96d74c59c439eafa3cdf846e2d1ca1d7533b70adcf1bd3e3183cd387115bd60d2f8017345ba9268c5c6b5e0f801f3e0925f2305a9ff |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 13ed5e0369cedc64c8437eb9a493a981 |
| SHA1 | 880053c91809fef7b2a3d688143f554d5a05c0bd |
| SHA256 | 3560614f2f62c19498d2ad6c3b9fa8f232883167479de05e924a5a3ab19a8454 |
| SHA512 | 18b3c940a3b722b58c476af4141ab987ed9f7557c1e52f3f20548b2c209abd67c943761d22e20ed59c36d69f8cd911285aff7efdf2d20f51c35cad62932aefa0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVDR4C1U\www-embed-player[1].js
| MD5 | d2056f8d081fbfffcab81d61ea45b151 |
| SHA1 | 710243082f40626f64943ad3b656400f444d7130 |
| SHA256 | 49fa9b168cc8bbc037cf4498e31c355509e9b438b0d19fcf750b1c5fbd1efcaa |
| SHA512 | 530ca2c291c44d3d2b5869b0ae661ac047748a5cab50de280a2c8dbd26b52cdd71a906b3730e8a849debece542eb919462a8407ef2410acf28c57d2b6068cc14 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVDR4C1U\www-player[2].css
| MD5 | 0fe92418bcd14dafd31cf4d854a2fb52 |
| SHA1 | 592691394af239f5d823d5caa236c572e3fa6798 |
| SHA256 | f45f1399558f995cfc02656899d2338b8da40a49f558c9d04904a0c4c8c7f1f9 |
| SHA512 | 2a8408357b7c859c20d687a17fa2ceac011d33671c2592d83dbc850637f8215214545aae2b90d5a1af580f83f536c0508e81bc63d04635cdf1ed3e32a51e8a05 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H09CVCL3\KFOmCnqEu92Fr1Mu4mxM[1].woff
| MD5 | bafb105baeb22d965c70fe52ba6b49d9 |
| SHA1 | 934014cc9bbe5883542be756b3146c05844b254f |
| SHA256 | 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed |
| SHA512 | 85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H09CVCL3\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
| MD5 | de8b7431b74642e830af4d4f4b513ec9 |
| SHA1 | f549f1fe8a0b86ef3fbdcb8d508440aff84c385c |
| SHA256 | 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a |
| SHA512 | 57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | 426134a2bdf70551300aa5ff95a6169f |
| SHA1 | 1d273368e1d467b82c7495b786a4171f599b3178 |
| SHA256 | eeb2ab87e7e250e4870b92b590164fd4678b4f1c8edebdef9099ba2d4a7add67 |
| SHA512 | e820e43df03077e9f93f73858bc9aae01946f8c7bb0865454e2f5307e2336d75fe5baa55eb63c3b2adfb39a6aaed7414ef439dd43d7359c97b857af4acead7a7 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | f9c55e020c5a57c731e4fc88cdadb2d8 |
| SHA1 | a547e4946b270f6471a22ba0fc246776235cf7c8 |
| SHA256 | a3301571c94140342e7b5758f8f70c719af2fc80ecca9e850207e72d49baf92d |
| SHA512 | 2553f3f96a6c540ed2d32ede1a2de05f9b30ca5f7eb1201a8a661cea2e4d58ad9a8572f06649d09bad81cc3191033f2b1a509b507298506461c8da1d2a3bb6c6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | 363a1aa87cec020397e3769c53294779 |
| SHA1 | 2a4fceeb6bf15dfea1f9d9fc1e67d953edf905b7 |
| SHA256 | a4ccfbcebbbb6e51c62253ff8f8728e3e4420b9bc8a8c25e113343f814bc7d8e |
| SHA512 | cd4133d340cdf07f46b2660eeee17ed62dd51e028c45022b819573fb82ff2e4bcf238d8cef714330557860029e17e81666548c02161e8b8ad18ea8d4363585e9 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H09CVCL3\ad_status[1].js
| MD5 | 1fa71744db23d0f8df9cce6719defcb7 |
| SHA1 | e4be9b7136697942a036f97cf26ebaf703ad2067 |
| SHA256 | eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 |
| SHA512 | 17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVDR4C1U\base[1].js
| MD5 | 9178a954abcce420219864651c7787b2 |
| SHA1 | f874d3e998441ba6439cfd7e89514facde08cff4 |
| SHA256 | 40cc1692dd4d8e1c8ed29593ee222240494b872b734c0e31da4628014da7346d |
| SHA512 | 927bf88499cdd64ce32f3780a0cfa88b14fdfbeac6a237454dcc43ee5d56b04754a40dbcba402519637ba1a3b0f948a597260a74ddb0b316698a41559d8e1cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2XHJXO3H\embed[1].js
| MD5 | 322e970509e24ab233b6c326a9339623 |
| SHA1 | 10e2ea809ae638d5f32385d05c569922ab19bc17 |
| SHA256 | 99cbd012a57f19a3fc1b412866ba13d6b9de2a5bb22449dcbf14ec0a88937000 |
| SHA512 | 8f8bdc9418feed04e6fc7415e9e57f0934a6b136b1a763e0e39f67efa47e004a8c3385105a1c1dd9fa48ada83ac5a2a93940f20a99d6d16722ae903c93d9817c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | 70d931b38835c6023d6a101a64f70b0a |
| SHA1 | 8f55df1d491a361c259573738eee9f9302bb671c |
| SHA256 | 4bb1eb2fceca6eb70c3dfc5fbfe128b8dbafcd75c6afd183953cb299d5ef4248 |
| SHA512 | 73f291dc32f47fc8d478c78d658310ba2369179133b17de84904c41498b823ace1ef5d10131c722fcd94704ea32d7b6b9ba3fcce6c5f26a0dff281fc1477bdc1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | a6a7a515c215a42fb33e47dc9780fb00 |
| SHA1 | f410994bed546ae7944d03616e0ab25ad81c8b6f |
| SHA256 | b3bf74b473f407fa247272ac52cee2739fe6b69c3603b101d31c533a7db79d73 |
| SHA512 | 51ccab721fccce7bdffa1de4a70f5df465d2658fd50ed06489cba783bde29cb03f46a940a19967d3c9d245dcfdbc868f4ac132b6420522c0946ad6cea9e8b06d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | 6eb27f9f270597b4f14c8f947c45dfd4 |
| SHA1 | 33d288056c69c89cc228b90b3d5ffd1be2e24fc3 |
| SHA256 | 9768b2afc8ba6dcffb4e6b308ed4f5c46d5b8fd9a33fc3c78d338c1d2b8084b1 |
| SHA512 | f18d5007429a974a5d02b32e7f431c502bae080751ec65f3a5d7aa1cae2c5121595bebd9731394552a8542496826c98dacbcfa9c3abae8f20247c72b1899e7c0 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | ceb0d744823dd6e41f84ba77ba5d0a42 |
| SHA1 | 7becc2b21216861639cd554fdc888d18b3d406dc |
| SHA256 | 150a52b1a59da23744accf24c55b9af614e7367c1072f35584dc23ad5717f748 |
| SHA512 | 55b072ba6e45fa4a84bbc3f42763f4f0643033ceeedc06ac429fa6b93142f9b3b8e0ea15b3deb8b3b8fe59db1693bc346f5208acbba3706a7e821cb3a25c1eee |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | 0536ebd30f227a3ee1d87f068ce7d955 |
| SHA1 | d7a4f7fdcda2137fbd924478f285ad0e3d807a68 |
| SHA256 | 2b7e9213f470d0ac3a44c492e3d167984b0b2b5b0e6e4a3efb4e1e813b010f5a |
| SHA512 | 330c0a5974c0ce42c4b40a8fcefc78784048c4b0b2dd5b0356ad08ad0399a9a6c9a442dfe7e74d2f048d7ae889429f33df0aa70dbf339f14e1cacd4ed6cd9732 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | 4d759b9114cef446ec8ca4d44e1dc34c |
| SHA1 | 9d7936ac43857a2c9887680e1faac9b62e573fa2 |
| SHA256 | 0f90a9b4c46b31a74d2d33db3d716dd1b710d5c83336ee97bbcae049c91b9ff4 |
| SHA512 | 2df0012e5b48cd6aa63102cc41e3ebfcb6a01c1b9bace33e51051ec09ca8b515fb8a457894073dbcc052854f54208eac8fc6c18df01c6cb596402c65a2209391 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | f15de48f4335bc4ccacfce8ff2dcddac |
| SHA1 | b12bbc47ab668436b2123a6e912281b1e93dd1c1 |
| SHA256 | 76e510b904b5951b7805c783de2720dcbc4bcc510a712956ca6ca5a7599d6dc6 |
| SHA512 | 04fefa122367dbe37813d688f03aead2b79b789ee41c8a73826ce366fb0d63a73a930fe0661e202dcfd8332d35c7a2cab2111d6b29a7b2e1c88986ff959b6ce5 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\82O0T3YB\www.youtube[1].xml
| MD5 | e1ca870f11180cfc9aa1b20db12a355f |
| SHA1 | 4912145dbd0425d0690b2a3b1e85b4763b0858e8 |
| SHA256 | 5e7e5d1422437ca9d91a6abf5a6ffee2b421ec266413e8ca0030caeb09cf22bb |
| SHA512 | 752af14dceead5659d5a3682c39965639e4c6ad9eb66eb18b70bf588a5efb2e58ef0531df09b366b9c5559a1f4e19764c97fbcf94c8068e97b696adfd67fea0f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 13:26
Reported
2024-06-03 13:29
Platform
win10v2004-20240426-en
Max time kernel
148s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f282e4e556f12b1edb8237ddfa88f4_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd073e46f8,0x7ffd073e4708,0x7ffd073e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,12112357076816933104,16364180099746017993,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1984 /prefetch:2
Network
Files