Analysis Overview
SHA256
ad2c824209bb9d31ba699720eb654c674407fb3a1c3f75ec7591bd1013daf7bf
Threat Level: No (potentially) malicious behavior was detected
The file 91f4dceba7908fbb5d3cba0fdd060c03_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:30
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:30
Reported
2024-06-03 13:33
Platform
win7-20240508-en
Max time kernel
144s
Max time network
148s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 20e9d349bab5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7421D5C1-21AD-11EF-B393-E64BF8A7A69F} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 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 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423583300" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000d70c0039e6f66b5dd4db1c4e7bc4aa316a1b274084b9aa6d8592324301fc2af1000000000e8000000002000020000000967d69441cb3e9b72b6ba3eebb8a337fb4fec04b952e8e8158b5aa033439537020000000cbb38fcd3d72aad7f24757781091b214b9a83413ade56466235fd2837c5ebe5640000000fb63d6894589dd6b94e7559f5001d912458a68e569500927c45c91ffb21cedbed8c39379eeba026c1152193f04ce2952d113be982cdaca7f2d245aa19a3d7a5c | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1444 wrote to memory of 1316 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1444 wrote to memory of 1316 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1444 wrote to memory of 1316 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1444 wrote to memory of 1316 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f4dceba7908fbb5d3cba0fdd060c03_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1444 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 13:30
Reported
2024-06-03 13:33
Platform
win10v2004-20240226-en
Max time kernel
148s
Max time network
153s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f4dceba7908fbb5d3cba0fdd060c03_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3688 --field-trial-handle=3240,i,13319578961094268484,16557498665191861597,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4944 --field-trial-handle=3240,i,13319578961094268484,16557498665191861597,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5396 --field-trial-handle=3240,i,13319578961094268484,16557498665191861597,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5516 --field-trial-handle=3240,i,13319578961094268484,16557498665191861597,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3532 --field-trial-handle=3240,i,13319578961094268484,16557498665191861597,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5864 --field-trial-handle=3240,i,13319578961094268484,16557498665191861597,262144 --variations-seed-version /prefetch:8
Network