Malware Analysis Report

2025-01-17 23:30

Sample ID 240603-qqdkmsfh7x
Target 91f2f1303ec8a8da6fc1ac2ab685cc12_JaffaCakes118
SHA256 de88c7fc5b259fd8b86e2a822aa5c42d0ba8aa5cb28ef2db1da7ac2aac601b5a
Score 1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

de88c7fc5b259fd8b86e2a822aa5c42d0ba8aa5cb28ef2db1da7ac2aac601b5a

Threat Level: No (potentially) malicious behavior was detected

The file 91f2f1303ec8a8da6fc1ac2ab685cc12_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 13:27

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 13:27

Reported

2024-06-03 13:30

Platform

win7-20240221-en

Max time kernel

146s

Max time network

150s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f2f1303ec8a8da6fc1ac2ab685cc12_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f2f1303ec8a8da6fc1ac2ab685cc12_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 13:27

Reported

2024-06-03 13:30

Platform

win10v2004-20240508-en

Max time kernel

134s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f2f1303ec8a8da6fc1ac2ab685cc12_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f2f1303ec8a8da6fc1ac2ab685cc12_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3980,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=4508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3972,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5240,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=5256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5320,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=5416 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5268,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=5620 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5248,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=6068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5960,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=6296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5812,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=5912 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5468,i,11746347647270949551,7786733067759450703,262144 --variations-seed-version --mojo-platform-channel-handle=5456 /prefetch:8

Network

Country Destination Domain Proto

Files

N/A