Analysis Overview
SHA256
dc028f97a33b2b8c5f497e073f5d7a6bbfec435d7e6454ffd203941822c22042
Threat Level: No (potentially) malicious behavior was detected
Verdict for the file 91f46548b8316e59c9d11a237e0c06b7_JaffaCakes118: no (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:29
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:29
Reported
2024-06-03 13:32
Platform
win7-20240221-en
Max time kernel
135s
Max time network
130s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "13446" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3943" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "13364" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "13446" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8954" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9493" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "22448" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "18996" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "288" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "13364" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423583259" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "400" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000023779399e3c88b49bcad2cbcb83c280d000000000200000000001066000000010000200000001b4e3d44615c72e79e6fc8b9794578194acb4cc4e582818b3a5a9ee42603b298000000000e8000000002000020000000e0ff0ab4c8b103afafd4ae9bfe297357425677fdd7d7b594c5a30fb0709b2adc90000000521f9d9682e6231a24439ef6dc3729559661d9abd10d5dab42f26bf04123ca75a7cf116b5621b7455797c9cd31ec287bb56e4febf53d5820f691b922b5a4d48e5fedd147214d8cfcddbec0f0f657e8be622370e2cd87d960d81e795c74117aab50445215d72af310fb3ca182c456eacc86ed5a493f8b3ee0d440525cf04d82e7df4c57deea6476035d5948456684390b40000000aad91c0ebbeea995a96e322dcf26ad1bc2bba70d40965f86d0307b68718f44565b98ad649ce5485d8b3cf2e38a45fde8f35bfd8768358bf2e83fe937ff08e681 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "18996" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "22448" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5B27DA61-21AD-11EF-B1D1-D2EFD46A7D0E} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8948" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9493" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "288" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "167" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18996" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3861" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a094ee53bab5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "3861" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8948" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "13446" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
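The "Modifies Internet Explorer settings" signature fires on any write under the user's Internet Explorer hive. Nearly every row above is IE's own bookkeeping: the DOMStorage subkeys hold the per-domain DOM storage (localStorage) usage counters that IE updates while the embedded youtube.com player runs, and the Main, TabbedBrowsing, Recovery, SearchScopes and Toolbar keys are created by the browser on first launch in a fresh profile. The check an analyst actually wants is whether any writer was something other than iexplore.exe and whether any value that redirects the user (start page, default search scope) changed. The script below, added here as an example and not part of the report, parses a subset of the rows above and performs that check; the list of hijack-sensitive values is an assumed starting list, and the final row is a constructed example of what a real hit would look like.

```python
from collections import Counter, namedtuple

# Rows copied from the "Modifies Internet Explorer settings" table above
# (a subset; every row in that table has the same four-column shape).
ROWS = r"""
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "13446" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3943" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5B27DA61-21AD-11EF-B1D1-D2EFD46A7D0E} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a094ee53bab5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
"""

# Constructed row (not from the report) showing what a real hijack looks like:
# a non-browser process rewriting the start page.
CONSTRUCTED_HIJACK_ROW = r'| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Start Page = "http://example.invalid/" | C:\Users\Admin\AppData\Local\Temp\constructed.exe | N/A |'

RegWrite = namedtuple("RegWrite", "action rel value process")

IE_PREFIX = "\\Software\\Microsoft\\Internet Explorer\\"
IE_BINARIES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}
# Values that redirect the user if changed (home page, default search).
# Assumed starting list for this check; the report does not define it.
HIJACK_VALUES = {
    r"Main\Start Page",
    r"Main\Default_Page_URL",
    r"Main\Search Page",
    r"SearchScopes\DefaultScope",
}


def parse_rows(text):
    """Turn pipe-table rows into RegWrite records relative to the IE hive."""
    rows = []
    for line in text.strip().splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 4:
            continue
        action, indicator, process, _target = cells
        key, _, value = indicator.partition(" = ")
        if IE_PREFIX not in key:
            continue
        rel = key.split(IE_PREFIX, 1)[1].rstrip("\\")
        rows.append(RegWrite(action, rel, value.strip('"'), process))
    return rows


def area_of(rel):
    """First path component under the IE hive (DOMStorage, Main, ...)."""
    return rel.split("\\", 1)[0]


def triage(text):
    """Summarise writes by area and pull out the two things worth a look:
    writers that are not iexplore.exe, and writes to redirecting values."""
    rows = parse_rows(text)
    domains = {r.rel.split("\\")[1] for r in rows if r.rel.startswith("DOMStorage\\")}
    return {
        "rows": len(rows),
        "by_area": dict(Counter(area_of(r.rel) for r in rows)),
        "non_ie_writers": [r for r in rows if r.process.lower() not in IE_BINARIES],
        "hijack_hits": [r for r in rows if r.rel in HIJACK_VALUES],
        "domstorage_domains": sorted(domains - {"Total"}),
    }


if __name__ == "__main__":
    for label, text in (("report rows", ROWS), ("constructed row", CONSTRUCTED_HIJACK_ROW)):
        print(label, triage(text))
```

For the report rows the DOMStorage counters account for four of the eleven writes, the remaining writes are key creations and first-run flags, and both hit lists come back empty; the constructed row trips both checks at once.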
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f46548b8316e59c9d11a237e0c06b7_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2
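The four WriteProcessMemory rows are the 64-bit IE frame process (PID 2756) writing into the 32-bit tab process it spawned. IE runs each tab in a child iexplore.exe and passes the frame's PID on the child's command line as SCODEF:<pid>, which is exactly what the second command line above shows (SCODEF:2756). A cross-process write from the frame into a child that carries the frame's own PID as SCODEF is the browser hosting its own tab, not injection. The script below, added as an example and not part of the report, parses the WriteProcessMemory rows and the process list and applies that correlation; the report lists no PID beside each process, so the child's PID (2620) is taken from the WriteProcessMemory rows, and the non-IE target used for the negative case is a constructed path.

```python
import re
from dataclasses import dataclass

# Rows copied from the "Suspicious use of WriteProcessMemory" table above.
WPM_ROWS = r"""
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2756 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
"""

# (image path, command line) pairs copied from the Processes section above.
PROCESSES = [
    (r"C:\Program Files\Internet Explorer\iexplore.exe",
     r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f46548b8316e59c9d11a237e0c06b7_JaffaCakes118.html'),
    (r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2'),
]

# Constructed target (not from the report) for the negative case.
CONSTRUCTED_TARGET = r"C:\Users\Admin\AppData\Local\Temp\constructed_example.exe"

IE_BINARY = re.compile(r"\\internet explorer\\iexplore\.exe$", re.I)
WPM_RE = re.compile(r"PID (\d+) wrote to memory of (\d+)")

EXPECTED = "expected: IE frame process writing into its own tab process (SCODEF link)"
REVIEW_NOT_IE = "review: writer or target is not an Internet Explorer binary"
REVIEW_NO_LINK = "review: IE-to-IE write with no SCODEF link to the writer"


@dataclass(frozen=True)
class MemWrite:
    writer_pid: int
    target_pid: int
    writer_path: str
    target_path: str


def parse_wpm(text):
    """Parse 'PID A wrote to memory of B' rows into MemWrite records."""
    writes = []
    for line in text.strip().splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 4:
            continue
        m = WPM_RE.search(cells[0])
        if m:
            writes.append(MemWrite(int(m.group(1)), int(m.group(2)), cells[2], cells[3]))
    return writes


def explain(write, processes):
    """Classify one cross-process write against the process list.

    The write is expected when both images are iexplore.exe and a process
    with the target's image was started with SCODEF:<writer pid>, i.e. the
    writer is the frame that launched that tab process.
    """
    if not (IE_BINARY.search(write.writer_path) and IE_BINARY.search(write.target_path)):
        return REVIEW_NOT_IE
    tag = f"SCODEF:{write.writer_pid}"
    for path, cmdline in processes:
        if path.lower() == write.target_path.lower() and tag in cmdline.split():
            return EXPECTED
    return REVIEW_NO_LINK


if __name__ == "__main__":
    for w in parse_wpm(WPM_ROWS):
        print(w.writer_pid, "->", w.target_pid, explain(w, PROCESSES))
```

All four rows resolve to the expected case; the same writer targeting the constructed non-IE path, or an IE child whose command line lacks the writer's PID, is what would justify a closer look.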
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
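Read as a whole, the Network table is the traffic of an HTML page that embeds a YouTube player and Facebook content plus Google Fonts and Google Analytics, with ieonline.microsoft.com being IE's own telemetry endpoint. Two details are easy to miss when scanning sixty rows: the first two lookups, konthaiusa.com and www.konthaiusa.com, are never followed by a TCP connection in this table, so the page's own host was not reached during the run, and several hosts (fonts.googleapis.com, www.google-analytics.com, ieonline.microsoft.com) are connected to without a DNS row. The script below, added as an example and not part of the report, collapses the repeated rows above into one entry each and produces exactly that triage summary: domains resolved but never connected, domains connected without an observed lookup, hosts contacted over plaintext HTTP, and any port outside 53/80/443.

```python
import re
from collections import defaultdict

# Unique rows from the Network table above; the report repeats a row once
# per observed connection and those repeats are collapsed here.
NETWORK_ROWS = """
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
"""

ROW_RE = re.compile(
    r"^\|\s*(\w+)\s*\|\s*([\d.]+):(\d+)\s*\|\s*([^|]+?)\s*\|\s*(udp|tcp)\s*\|$"
)


def parse_network(text):
    """Parse '| country | ip:port | domain | proto |' rows into tuples."""
    rows = []
    for line in text.strip().splitlines():
        m = ROW_RE.match(line.strip())
        if m:
            country, ip, port, domain, proto = m.groups()
            rows.append((country, ip, int(port), domain, proto))
    return rows


def summarize(rows):
    """Split DNS lookups from connections and report the gaps between them."""
    resolved, resolvers = set(), set()
    connected = defaultdict(set)
    odd_ports = set()
    for _country, ip, port, domain, proto in rows:
        if proto == "udp" and port == 53:
            resolved.add(domain)
            resolvers.add(ip)
            continue
        connected[domain].add((ip, port, proto))
        if port not in (80, 443):
            odd_ports.add((domain, ip, port, proto))
    return {
        "resolvers": sorted(resolvers),
        "dns_only": sorted(resolved - set(connected)),
        "no_dns_seen": sorted(set(connected) - resolved),
        "plaintext_http": sorted(d for d, eps in connected.items()
                                 if any(p == 80 for _, p, _ in eps)),
        "odd_ports": sorted(odd_ports),
        "endpoints": {d: sorted(eps) for d, eps in connected.items()},
    }


if __name__ == "__main__":
    for k, v in summarize(parse_network(NETWORK_ROWS)).items():
        print(k, v)
```

Every lookup went to 8.8.8.8, nothing used a port other than 53, 80 or 443, and the only hosts with no connection after their lookup are the page's own domain, static.xx.fbcdn.net and fe0.google.com; that is consistent with the verdict above, but the absent connection to konthaiusa.com is also the reason the sandbox saw only the third-party embeds and not whatever the page itself serves.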
Files
C:\Users\Admin\AppData\Local\Temp\CabDDC4.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\TarE05A.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 1a68d212bca9a97a8a68ad5ed4d62e3b |
| SHA1 | b4bacbef894b1ebef84e89b8aea7c74fd3ac6776 |
| SHA256 | 76f6568a3d71cb62e372d7488d3f6b430342ee87bc20a5134d7107208c8d4202 |
| SHA512 | 966e592986a3f5992386b8c1c433b2c7192a958e0e96fe4887e69270c4db216aca72550ebe2b9a544dce5fbfa868ec556afeb60cb18c643c6af9d260b46beed9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | b6c1cbf0c6cbb661e1bf5d2a522b9328 |
| SHA1 | 960bf41be54b067c291f99ce249c782624475795 |
| SHA256 | 4d87a4949cfb0b815cff121b76b21cdfa4852a6cf8f78b1a8c118d9bd14c0539 |
| SHA512 | d80130f37681db8b3849293c60bd5febec7e9ba4d1ce6d9dd13d223b4932bf7318a711f0bc508bb50cde488445422661974a6f6992a30fd2251038e25fda38db |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\www-player[1].css
| MD5 | 6e076abc1095221e4e3e21dbd9d1db4f |
| SHA1 | e908cc0f7829aea16b42d8fec6aad567c41f587d |
| SHA256 | c7e69ec7e436426c5edb45bb5fdd943623f987ecfdb86413528b596e5b0888e9 |
| SHA512 | 3ceb46ea8e5d5abca4a1a053f20b38ac6d6c9ee60594da54122f4ff09422495261dc9356d0ed0c240ba44324c37bde120a90655b2ea40556280df674ab44fe2a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\KFOmCnqEu92Fr1Mu4mxM[1].woff
| MD5 | bafb105baeb22d965c70fe52ba6b49d9 |
| SHA1 | 934014cc9bbe5883542be756b3146c05844b254f |
| SHA256 | 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed |
| SHA512 | 85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
| MD5 | de8b7431b74642e830af4d4f4b513ec9 |
| SHA1 | f549f1fe8a0b86ef3fbdcb8d508440aff84c385c |
| SHA256 | 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a |
| SHA512 | 57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\www-embed-player[1].js
| MD5 | d2056f8d081fbfffcab81d61ea45b151 |
| SHA1 | 710243082f40626f64943ad3b656400f444d7130 |
| SHA256 | 49fa9b168cc8bbc037cf4498e31c355509e9b438b0d19fcf750b1c5fbd1efcaa |
| SHA512 | 530ca2c291c44d3d2b5869b0ae661ac047748a5cab50de280a2c8dbd26b52cdd71a906b3730e8a849debece542eb919462a8407ef2410acf28c57d2b6068cc14 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\base[1].js
| MD5 | 9178a954abcce420219864651c7787b2 |
| SHA1 | f874d3e998441ba6439cfd7e89514facde08cff4 |
| SHA256 | 40cc1692dd4d8e1c8ed29593ee222240494b872b734c0e31da4628014da7346d |
| SHA512 | 927bf88499cdd64ce32f3780a0cfa88b14fdfbeac6a237454dcc43ee5d56b04754a40dbcba402519637ba1a3b0f948a597260a74ddb0b316698a41559d8e1cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 3ebc3771fad93d5f886907fe624d0dcc |
| SHA1 | ca3547f92c1fd4fc4fd3ec32bfd9c747f4cd4b07 |
| SHA256 | 5cd7e3a11ee27bbcb20a72170c0f81df0172fd85bab620932eb4a5fc09a2f1d7 |
| SHA512 | a2eb00469c9e650ea6af7f48fd3aad2c404ad36b339dd595117baf389066832cf9d52d224417a2c50446a1174ac15cb0664b119d75f9aa37da554b1ed775cc6b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\ad_status[1].js
| MD5 | 1fa71744db23d0f8df9cce6719defcb7 |
| SHA1 | e4be9b7136697942a036f97cf26ebaf703ad2067 |
| SHA256 | eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 |
| SHA512 | 17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | b75cefd752c1316f8e7db2063c95baaf |
| SHA1 | 04096db0bc2004763162d7259574741adca8db87 |
| SHA256 | b69e9a672169cb685a577e18d951d51cc432b97c154174a14d9903b56ccba4dc |
| SHA512 | 9be317683f44c85c468610fa2638adeb32243691ca210fe2c81349092ed39edfdbb823fdee0614ebfef7245fe0007ddf8abf9d5748768b024bba14b30a5de0f6 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\embed[1].js
| MD5 | 322e970509e24ab233b6c326a9339623 |
| SHA1 | 10e2ea809ae638d5f32385d05c569922ab19bc17 |
| SHA256 | 99cbd012a57f19a3fc1b412866ba13d6b9de2a5bb22449dcbf14ec0a88937000 |
| SHA512 | 8f8bdc9418feed04e6fc7415e9e57f0934a6b136b1a763e0e39f67efa47e004a8c3385105a1c1dd9fa48ada83ac5a2a93940f20a99d6d16722ae903c93d9817c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | f31f3efb3514033777be9c18be86696a |
| SHA1 | 8579bf3e238ac741549f89881b706b2d2261dd45 |
| SHA256 | 09b7281261d921fa62a5b94bfd53db68b730bb1e9c878124823c1d95079d2bb9 |
| SHA512 | d1d807ee8cf9553a8bec0ac95e2f84e732985d14a92eaf01fc32d7653c51af1457e52148cfb003e91cb8288382e95c011a4b8e4fb38be4880e731811ef2cf501 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 1ba0971bf5fac2463c950303ebcb8f2d |
| SHA1 | d03b35dc2734f4ebe65e2fcddf1c3209a106f0fa |
| SHA256 | 65eee4c4ff311c505126e62db0f2bf9e2fb510097b84848edc3d6c4a6d121863 |
| SHA512 | 103bacfa966be2c7d87ce50c6c063d1889835ba8701cb134e1de9fc2e5fc7e4daf2d403a4d9f6af7ab8cf702fba07ec4fda5bbde01fa4ee0692a4c5e7fdf18c1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 1ae0bc3751274eafdbb646269dd60565 |
| SHA1 | cfbbf94bc7b9efde099700cc8b65027fceaacce7 |
| SHA256 | 1a5eac8d266ac6c286a894d99b719d99c8adcf762444bc8c29cf85e662ef3267 |
| SHA512 | b6c4fef2090773aca5f330b4ca8f48632420eee8b6683687eb9033be596fde6eabec5b588a580dd1ccb5c89048c628370e0b19cd9e9b6b1c4f59e59e42f44001 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | a603b53da7a0d0aba8c2b9f499af4a87 |
| SHA1 | 0575ec91958084097321c271f4f4a05c154bc10d |
| SHA256 | cf6a860876383b72d3abbc38f1d1cde3eb96927457b5e08a4f1eab0c6b68afe2 |
| SHA512 | fb737741305f0d1ee9469fe38753482a4a8fd65d1568fd8ebf3af5a24805a7b6e770270ed6b959d55a62b22d8cc456478711f76b62f67827baa329b1497e43ca |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 9dbf5fb67a24ffa0e253a348b217860f |
| SHA1 | c3311b08195e498a50c8208db1263583b87b6760 |
| SHA256 | fca667ffc707c432235926e3f15569b7575530bf123bf193b6fb25f0f85d62d4 |
| SHA512 | 5af39f27a2e802c8a048f2993d571855fbb6861b0c5df03ecdbfd9118294d9f787803d7d417b82fbdf862653d7d8aaf9e6a39729ccab301a0133a6fcbfe0c24e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 9c2f6170495505d1158055adc71c7eea |
| SHA1 | c99710e00fc1a7534cb6d8f403fa70ebb095baea |
| SHA256 | ba65808780b6bb854154081331cbc7d0b215aaf32d54ba9467e1c545ddb0b301 |
| SHA512 | 38e6168edaf65c17d04756b661990cbbaa25b44769f49dde39e3288bb46606cf2313c99f7fa17254e8f6380b8e7f107123fefa6a779ce43da50a48ad298ffabd |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 055b39df62ac494aa669d483cb802eab |
| SHA1 | 31c39903fc8da3414c6d54cbefcccd5d6f28b46a |
| SHA256 | b32c6959dccdfb5cc8b33607e756da2527b4341daabd336a792753e7145ca608 |
| SHA512 | 43f262a981fca93879da7a84956a3536b523eaacfff3aa1cc97b37cd4295843c38e6a7aecff78f66561a65eb341bc31aa021764d25c3882de8232d48366981cb |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | ef099e359107de5ece14f26ac8a02cf0 |
| SHA1 | 7e49202249c9e93c8eb99b83f5f1ca5d3f949dfe |
| SHA256 | ed61f00e25e9c622d5eefd37a5a4c169d2e78b1461e00ee75825e7defe2aceba |
| SHA512 | d4cd576791c7aa3925197c53eac888311d853da7900e1970c2f387e00a29c5d233124013cde6d282e9295ba793cb60e811e1284040b8ef561b371a443a482e6b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | e027c24b89c86251dd9d16757c24399f |
| SHA1 | 0b5c0379718861cfa66fee66281f681e1e892401 |
| SHA256 | e806c5d1818e38fa2e0c12dd8ca1571e8a0b4c3a98524218082e241b4e882066 |
| SHA512 | 25de7c1b03bbadee720888b32903bb806a6e8089919d58a89123414a4662e8f2e138793b1511df073698d66ed5ff1fa9f97b9e6e43bee0798ae2095e79334fb5 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 6825ce518f0b15b76f3fa04501be86de |
| SHA1 | dec476d07d53bc6c623fca0699755e558468d3cd |
| SHA256 | 4a8c967326afd68deb90d4d89d09e96abf87c39b20587b94c2c1f4812414e166 |
| SHA512 | 8c68a33dbdad6bc4031fc59d4f710a80006d7c2141e298271769330f31742781af4df0808bef337915553c2b094a6678de9e772971cc47aa87f1b1a59936c491 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 5899f0d8799964a538aed0b2cfb76335 |
| SHA1 | 91c4272f8f061e8082281d70861d17b8d7514524 |
| SHA256 | 7de9831c789ea15e1b7f9e395b30a8e1a85e9057cf71dca41f6581b7ea2bccf0 |
| SHA512 | fc2e05e1cec12bdd2bff814318e6b9817af39b0977292b041baa2ead013d8357c7d2f96246ef9e20a8bd65a596a360fb5e0326f79e1be7d052f49d5f2870e31e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 1550498d7ea4e801d1eedccc5608a969 |
| SHA1 | b4a13ceaaa0a3bf6cfd4e6267efa8dd2a63470ca |
| SHA256 | b93951bf13158a9626876f3366b863a5206a7de1c0303fb9c901ebcab95d97f8 |
| SHA512 | 89debe81171257fc9378482b61254d16a4a1e156ab7b97edfb2685eeff0f89d1bceb8dbc3286bfcb23486016e578b5e1def9698921d61d7433dd29027717e9a8 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 95d790fb6ee0bc729166b91d7184bd3c |
| SHA1 | 06ae7cc947a0d46d104e681cb1b74b027f724f3e |
| SHA256 | 677e3f1394e077791e9411f27607181451d98cc970ad6df4091117be4ecb6fdd |
| SHA512 | 133aa31dbe25fa3174045d2e84421b7e1efbec954d88f6b400ad8ef46740e3c597b6fa8af6f93141bd62b6fb1f7794c85a4b310891b9b836297fcaf8ea980909 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 2832865bb70585f1e3153e77d7d02930 |
| SHA1 | f2385daded2f74610efd0b92fd4365f2f8cfdb9a |
| SHA256 | b47f4ef529d29c2cff50be107f9565d6d2377c4b0cfff47ab3754f34247f10ee |
| SHA512 | fccef40e8af28648ec5c2f6839bcf9453f208928a62b0f1d2e0d133cb8b24ebbdc9388267ea49a2421aa40748f475aea7319703d459b72cab011d9224b019422 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 501a2ac818103bdab9ee2dc5fd4b5670 |
| SHA1 | f3fbf96448abc75d540a7efa3f0b15695a13c57c |
| SHA256 | fb155ef91bd46e1db1f575147d326a864f5bf5a1656bfd0cadeacd4de5574e86 |
| SHA512 | 85fbb6f46807cf19d489cd01f300d4a3382f4ffd85232acbac8fe643127d3e2d01f06f178911fc32d76cf092b033dba80439c499a296d692921fc4f36eca9737 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | fa4c05bcd690da839b4d30f8eabdf03a |
| SHA1 | 36c77e731e830cc90382f9b1cfab5f0f063fd3d1 |
| SHA256 | 28e9990e545cb16eb60dac80780136de2e119178da185e7fcbc4212f458e8362 |
| SHA512 | 7f7db54a0744002093c162172891a66b07223413c1dfebdb8e5a1a9609e184663f9a374b06907b1f5846169aa41cf855dae2a633ff6a4172aa75c5b45b783a7a |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 8d4b6ae4c38554b991878a9e19fca91b |
| SHA1 | c17f0e7c0386cd5e23f86d69c2ac2e660615ff9f |
| SHA256 | acd8cdc66d245fa54db4679004d23e645ff2a3d85b25f4b20beb8db31cd663a2 |
| SHA512 | 777ac28811af4cc7ef2428e6eea2df78453d78762d6e9a664aab86ee978b4621ce872a9cca096b0fd2ebf7c4c5ba9b54f482e1b5c54d7bde1da3839d1072ade1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 87409a5dfd65fb6cf28d7aea45e20296 |
| SHA1 | 77fbf7b56b818ff1f0a2a41769535962e68e6aa1 |
| SHA256 | 4aae5b2f7ac46814c40f95e7efac143caf1c016efbb4605d199334a041aad826 |
| SHA512 | 0796ed318dc750d960cc9560ffa85c99a8d0750f9b08fac1fcd7f3500024c3cc74cb7141d1e8b9b455dfd3d08693e5feb08ae09d3cf421683f73e0ce338207c8 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | b2c9f40e51c0b97fac4892987dcba377 |
| SHA1 | 6db996a9ca54cef3a8c00778fb753e6a314428d5 |
| SHA256 | 62f8e7feb62fa100d2064b154d7ccb6cb350d546b50bf2901733e89918e079cb |
| SHA512 | 9168351f5cd310d850e4ac0d6983b786392b4fd20a837eaf4b706a7a6f3f0fd6cf96f394c20159b51072f0f4a97df80c52413510d34713e320efe0c8d5ecea0c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 561d287d108f61e52c401b38ea81ef04 |
| SHA1 | 960ff61928a1f03d09e59afc90b68653f50b5b21 |
| SHA256 | eb9bde1a116f5225948cdc4801b90c8b8dcde3fd57a4b3c21158e8d19c2627b1 |
| SHA512 | 0cd59145f811dc2dfb2a0c2348389faddef13ba67fdb612e4d1bbe8a1cc362cb28ba20e74321d215c1355deff88a70a0e7046b6e4be4fa90e8e2585b064c7106 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8dae1f01126b19ab1e9128ad9a36c032 |
| SHA1 | 0b5698f199aa139ebbf550e257bccdb2fb7ffc89 |
| SHA256 | f2b9aec1c7abc43fefdfc420ae756d7337a86e293da8fe3d23e95d94e00f1963 |
| SHA512 | 259427078f53ebbb534e9d35120a82adc44d417eee56bb5a7635cc693366bb2556741fe063c14b25838f2a5a9693100322e95fcbc15cfab64cf4f6d889927a21 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1d701da7efde8b13d82f889e6f7a8b03 |
| SHA1 | 03c5de08fc651c988eaa46de4c0b565dfa05d5b0 |
| SHA256 | 24d78e7042713fdc68431017f0d3580be1cdebaf8aa708f342d160307b4f566c |
| SHA512 | de635caffe5e7fcb9bdb9382f532ad1c601afa557dbf0210dbf2e1fa436414745b61b3419ad603419ce356f920d6acf21136b452d2f457bc2ddc216bc5261d0d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d74bdfe26cbd5a381fd1fb578f72fb3e |
| SHA1 | f0a0943e3adee0f7e39670b832d0de1d6e3aced7 |
| SHA256 | c6d54b99d786509a65b06d3b293ed879e8dbc769ef79e99387c8629d1e02490d |
| SHA512 | 5a524add42e077eb1b71cadeacdb0c1779fba52c7b64c27df5897ebe056946a0cc89f6a4a1a7bcc49e688bacf68abe74eca5e31feeabc580fd648d9a62a03e9b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 80d26d80e64d53d3b271d68a02f838c9 |
| SHA1 | 94861eac5a1dccceff6eccdfa372f4a0cee30884 |
| SHA256 | f9b7c584b890a8c8725a6ad9006e8f818a8785d0001b10d9cca37aff2647a568 |
| SHA512 | 0a4ade409f9bbf74fb9a1f904ad44c7972255935aa2d5a13295bd34265b5e0ee8a0f83206eecd40a0503a153d5b8c0d71ec149e5a9572c4f0d881c64e125ccd3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 71b97ba0bd6978ee7796a148b57d5d56 |
| SHA1 | b85ebe7db3a7ef5fd07bb03399d3170eb8ffe405 |
| SHA256 | d0c71f618818ba4de5ced2a0e0a6a39b26cb16b565b7dd6dcd3fd7fdc047dc06 |
| SHA512 | 5196cfd11437e0b2720a7e9b89de805b1e5186246766e7f1ccc514aab5fae167f2ba3849f2d4e3d2b2254e9e5f9b50445a76ab8d3097d233e422fc5c01373a40 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b91451cbf9708dc46804b40fac3bdcf0 |
| SHA1 | 2cbc784fcd559842379f1116004d70b995c40577 |
| SHA256 | fbdeed8eda1b4aac1a7eac862a0d20c5ea217504c920898740418616d97c4c63 |
| SHA512 | bf79835aa0980d9e91f82b516278d06e1a1963d1356c7019455045cd3f14f7804a0465091d7dbff3845a346a0e540a0a14de08ac8d2f5323aa0876ba9aad4332 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7d355b696d6df8bd42b1a7bc9d280997 |
| SHA1 | cd12eae9e17252af3f9ae30f8309f99de8dc5fb8 |
| SHA256 | 8479539731ff7b33af3805fa2e2c018bc8ab6e4c20c96e725811e430d4816893 |
| SHA512 | c67059d2ec96023c8a2ba6500c6b2a5e7833e724ba158f035e5aec1e67300103dbfd41aabf0e340907bee5cf7bc0704f58c4336cae507ce58d34526ea43f0b2d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 247ef462c1f35dc80bbede68cd7dc521 |
| SHA1 | 9e4f092cc5853e9e24949468b3667b136dd26ae3 |
| SHA256 | f30735239b6d19710b2819d483cea4e97357996ef544020d5bd29e3edd0a8654 |
| SHA512 | 23c3cbdb51e1388a3e50725becaacc6e31d96d24064a215574f6e5a14957a6dfdcebdece3a9567740c3930ff1f722bd17a420c04f5dff9d621949511d57aed2c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 521b33be9d4f4251d508a2048478c4ca |
| SHA1 | 2c9eb29c1121c358ff87a725046249492dadf306 |
| SHA256 | e254970cc828879f0dda34c36b7f46a0c35c2fd2e9af1d1758c88722d41d2ac3 |
| SHA512 | 2526dfd3de6b4f8defbed2783c82a05586f8aa911f52ba184f7b6efc9177dc857a4cdcefba6a0786ab06ed8722cf28eb765d85a334dc936403156c3f0d24c0f3 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 3560e793efe071d8de091371ab5e49fb |
| SHA1 | 8abb3a419d4a360156a989753e3bab4fcd156350 |
| SHA256 | 81c297efb25f228d94ee619a0a65e844f3f74fae5b9348a0b95644db5c4d4a95 |
| SHA512 | 35452e9906ba9c087ede7aaf9b4363080ab68770a7924b89be454a1e42d2626f972c32cf5f4f2f769c805d599cf5f28da3d2938ac25be7913943155a152cf985 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e83bb9f9e173397ac27b429b93015880 |
| SHA1 | 830eae45ca31118e4bb4ee9dc6f189116f62d82d |
| SHA256 | 47076f4a1483ba49d7ac682b20b34af7b0f52556c8134606a13afd57ec391637 |
| SHA512 | 8ba4c52c298398023e69a5c15426ed6d3bef9bc5dd12e4e48f854fddeca99b78cb71fca5a6e9f9110716c9733fcde82c06a228a276a8545e1d845617010d18b6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 046478edd8af21a138398b2d93199270 |
| SHA1 | 7a7fd9b914f1e38786aa4a89c5c8f56fea319c02 |
| SHA256 | f2f91bb1a2956ed0024a3d31b067c91cb99eb70ee5daa6218605bb793d51f77b |
| SHA512 | 4fa0c8f77e80765615f54a9539e08f2eb20be3ac76ce8958e965ee0a923ecdaac0d7216c4f6fdf198bc8ab88fc878dda1d588b970088d941d4d0ffddd6976ca4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f7b4067c59be6f62f741adb4cdfc66e7 |
| SHA1 | fdcfeb361a91af3c8e0ea73ed814e5f1fa9f3df3 |
| SHA256 | bfea74e6c28f7112af23981fdd6e4142b50c4c55451b0c9245cf7c9c1443aa54 |
| SHA512 | c50fce1f2e09974f548d18664bc7498bbf0b66aab6415cd0b40d866c39dcb8f2e51ad5e424b2b1691d1b0abffeb2ec6c3586d54cb755b76d1682db6aac47323f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0415d7bc9fed886d17d10267c9d7f1bd |
| SHA1 | bb47c413f980884f9e1ba7a551ae7929797be722 |
| SHA256 | 7a560c223c7bc1891bfe213fb38b44ff56cae4ce8c822d679f2d8570e4fe4102 |
| SHA512 | 9ea272f8b82e583c6ed267965c81eb0adf71f1acb39e5d2ce4ef73137887c0617f4b00d238eef774b0dec9b93397d0c9b0878c3a4b20160f081c7404c737e566 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c90bd1b60c0634a5c77162f046ec42d7 |
| SHA1 | f3a6d2b1300e5f0fa8085c3ae628a67fa8f8b7f8 |
| SHA256 | 1f225a5722e7e3e1f3ead5d69fa53800c54b41280a9db888852ed638712f3713 |
| SHA512 | 6b912478528dc72b9196bbc3765804a4364ac60a31f7890b771b412f1b823f81a52086f14d3bbfb252ccd6dd7b89819aa62a80197fc72d2eaa77a681ce6cacb4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c394d7b847d9952b7e471192e7072da6 |
| SHA1 | d577eca275f9f9e195fd1f652a6e661849363e20 |
| SHA256 | f8b425ad2a11d416359b896989ecfced92f199f7a4fbb7b5ba208a8d4eeb43bc |
| SHA512 | 9af9cd5b68a43621dfc1da6d63009c1945faefe17e795dadbb4daa27a8733ad2ae7900c73da70b880fe467d936b0ee0de47226cb6cbfd1ac0ba1f671da485cca |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 95c97f9828296cdb9be355a1670aba64 |
| SHA1 | 1b2a30e062b510e2ce4fdfbe9cd4a3ac6dfbd50e |
| SHA256 | 0332bc704e9bb1082179e1896ceb4216f381c553712c475b86c8cf61a7b632bc |
| SHA512 | 8297dea39d767343f61f9885b0a3de80076af49d8d44e289fe28c894cb70aafb276ed6407fcf90c6131f063de2ab79ca57c73a20d0d3f8ecd242dadee8986904 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3a322ad885487bac395f406f9d485152 |
| SHA1 | 5b5f378b077236f7929869f84b31fd8b31028bf3 |
| SHA256 | 73473b0df7eeb1af5674846de8a092acc397737be00c43bc3510072b15f7ca68 |
| SHA512 | 67d9455991331dd104f434ddcb2bfbcfec3f31f0423d9ce0d38dc5cd578ffad4455238146f98c42b1238ae4a80c0776fb7f6328c9726fa5da0310ae3744888ab |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 83bba09ce0568acece0e6f6a94f273f6 |
| SHA1 | f3eff97842ae2066559734f0eb3797e6bea5796c |
| SHA256 | 2b365b6a82e9bc94d298be67d05f4a13fb99855c0f0f49b5a78d89236708d9a1 |
| SHA512 | bfe72b6a87b08157e91c7ef54bf59ee8aa3e9f918ca6b6cc657da444825b667b7cb5c3e6f3e3cbc06e0d97da91c3e632e4f790ecf53edbacf68da67bb897e336 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8fe831454b3ddd65f6735ee141167b5d |
| SHA1 | 8710c303633adfebb1b3e35a77d0fb293a7b39d2 |
| SHA256 | 2ee60538c3d7e7c6469db2861e0f7ae7e7607933d8dd63f1ea1e62ba9cd3454c |
| SHA512 | 9b85a0b8a114ef82fe77caea946d7cf8f92de925d60f931ed125dcc247922725f319a1655ea95ed11d207da8d10bfb427045954b593f870f87361058e7b38e78 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | fb3230addf05554b931b68b0dbe56597 |
| SHA1 | 7e03bd2bb57b6e582f6bcc787414af699afb2a1a |
| SHA256 | f0f669ce4f291151511434d11eebd4f05b0a8b2efc93aa959b21545ec8ae188d |
| SHA512 | b28fd4f2671e1691e03ad797ee79cfe3ddbecffde43190d60b32c6d89cfa93bf375758fbb594b96546fa7b59828fba09f441e2a8ad9d5ae140b108275b850dea |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AID74HUF\www.youtube[1].xml
| MD5 | 445ff9852b39892e8b9c0c00fd91a75b |
| SHA1 | a4e44a7dd872ee18ea3c8378a0dd560287691cd5 |
| SHA256 | 5f1f849690be1030dd904517ef96edfd7e4bcf226a65dbf77a72af72fe718013 |
| SHA512 | 0895588f89e8def489fa390f361ea1234f64d49a681bf5acf30de794f4f93dc00ec1c088eeab09f8751a1efefb4a044496b469b5de2526034da9415bbdf913a9 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 13:29
Reported
2024-06-03 13:32
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f46548b8316e59c9d11a237e0c06b7_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa84ef46f8,0x7ffa84ef4708,0x7ffa84ef4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2276 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2440 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,14479270401605397509,1622350604836402885,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 23.62.61.72:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 72.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 27.178.89.13.in-addr.arpa | udp |
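Most of the Network table above is what an Edge or IE detonation of any web page produces on its own: DNS queries to 8.8.8.8, reverse (PTR) lookups of hosts already contacted, mDNS on the local segment, and Google, YouTube, Facebook and Bing traffic. The rows worth an analyst's attention are the ones that remain after that noise is removed, and any cleartext HTTP fetches. The script below is an added example, not part of the sandbox report or its tooling. It parses a subset of the table's own rows (copied into the script as sample input, with the mDNS row's empty Domain column written explicitly) and buckets them. The allowlist of browser background domains is an assumption, not something the report states; tune it for the sandbox and browser build in use. For this report the only names the allowlist does not explain are konthaiusa.com and www.konthaiusa.com, which is simply the site the submitted HTML references; the report's own verdict is that no malicious behaviour was detected.

```python
import ipaddress
import re

# Rows copied from the Network table of the behavioral2 report above (a subset), used here as
# sample input. The mDNS row is written with its empty Domain column in the third position.
NETWORK_ROWS = """
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 23.62.61.72:443 | www.bing.com | tcp |
"""

# Domains an Edge/IE detonation of an ordinary web page contacts on its own (Google/YouTube
# services, Facebook CDN, Bing new-tab page). Assumption: an analyst's allowlist, not part of
# the report; extend it for the sandbox and browser build in use.
BROWSER_NOISE_SUFFIXES = (
    "google.com", "googleapis.com", "google-analytics.com", "doubleclick.net",
    "youtube.com", "ytimg.com", "ggpht.com",
    "facebook.com", "fbcdn.net",
    "bing.com", "bing.net",
)

ROW_RE = re.compile(
    r"^\|\s*(?P<cc>[^|]*?)\s*\|\s*(?P<dst>[^|]*?)\s*\|\s*(?P<dom>[^|]*?)\s*\|\s*(?P<proto>[^|]*?)\s*\|$"
)


def parse_rows(text):
    """Turn the report's '| CC | ip:port | domain | proto |' rows into dicts."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue  # blank line or a line that is not a table row
        ip, _, port = m["dst"].rpartition(":")
        if not port.isdigit():
            continue  # header row or a destination without a port
        rows.append({"cc": m["cc"], "ip": ip, "port": int(port),
                     "domain": m["dom"], "proto": m["proto"]})
    return rows


def is_noise(domain):
    return any(domain == s or domain.endswith("." + s) for s in BROWSER_NOISE_SUFFIXES)


def triage(text):
    """Split the table into buckets an analyst reads differently."""
    buckets = {"ptr_lookups": set(), "multicast": set(),
               "plaintext_http": set(), "unfamiliar": set()}
    for r in parse_rows(text):
        d = r["domain"]
        if d.endswith(".in-addr.arpa"):
            # Reverse lookups of hosts already contacted: sandbox/OS housekeeping, not new IOCs.
            buckets["ptr_lookups"].add(d)
            continue
        if ipaddress.ip_address(r["ip"]).is_multicast:
            # 224.0.0.251:5353 is mDNS on the local segment, not a remote destination.
            buckets["multicast"].add(r["ip"])
            continue
        if r["proto"] == "tcp" and r["port"] == 80:
            buckets["plaintext_http"].add(d)  # cleartext fetches are worth a pcap look
        if d and not is_noise(d):
            buckets["unfamiliar"].add(d)  # everything the allowlist does not explain
    return {k: sorted(v) for k, v in buckets.items()}


if __name__ == "__main__":
    for bucket, names in triage(NETWORK_ROWS).items():
        print(f"{bucket}: {names}")
```

Run it against the full table by pasting all the rows into NETWORK_ROWS. The PTR bucket is deliberately kept rather than dropped: each in-addr.arpa name encodes, reversed, an address the guest talked to, so it is a cheap cross-check that every connected IP also appears as a direct destination.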
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4158365912175436289496136e7912c2 |
| SHA1 | 813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59 |
| SHA256 | 354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1 |
| SHA512 | 74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b |
\??\pipe\LOCAL\crashpad_2840_YWXCPETGIOCCUJQD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ce4c898f8fc7601e2fbc252fdadb5115 |
| SHA1 | 01bf06badc5da353e539c7c07527d30dccc55a91 |
| SHA256 | bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa |
| SHA512 | 80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8436cc909947b1fc04dfa9ba71c184f0 |
| SHA1 | 6546254e24b0ce6f01a178ba8b98c2eb87332731 |
| SHA256 | ee81cda0248283efaf4eb922e98f3718157d71ce53d7b0963a56655f7d687e80 |
| SHA512 | c2d51ec4af06cbbba9f93dbfdadc91f4d113326a641708413afad3f4d3a9a526bb8d0e9aecda8c0a16e63889b88111b017112708ec1808684b0cc8a92ec53ea6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | af28fbbe1e98d1a689fbbf0fb2811412 |
| SHA1 | b25f51475d95c7e008a38aa90315ce71aa20121e |
| SHA256 | f51ad19e434fa33b4282e8d5adb6d49cf193574e3f4aa3fb6ddd9047648441db |
| SHA512 | f814c4de8ee10c9349d0791e604d69d606df57a16705d92434e88613a2d3940f5c3294b1ba15cd0dffb040964543e9279c2179108483cc491aff98c50e52d24d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 375cc26eef81c520bdcae43af51dfbb0 |
| SHA1 | 9700dc29de90efe6a1a2743ad40ad00ed12bd55b |
| SHA256 | 35405b68fa08cb80d2c6c56439ea2c6efac916ee33a98cebfe147a206c3e0666 |
| SHA512 | 1b471a9b3ecedf6d3a9fa939294f1fbbf63b3e25cf10e51c4d3138281315339aa95a780700792301f35355f886db9d830e88a9f4b7afc8ff5b9d6d68f5944e6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bc700d64dae450c42187db496c11f4fb |
| SHA1 | fc071e3a692361effdca001735dd47e7d51a5d00 |
| SHA256 | cef291aa8e93f25fccad2d71ed37b5f8d598eea1d75e7377a342d0c18064f26b |
| SHA512 | 46c6b9aa29239f82c60baaa1baf9994a1837c9ced6968bf9c4dce0b8648ce3b07818395ad81d1cad1cba19e19e7c16d0b0a7b1a208310f01596ae6395284ca1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0f18f059932551ac0c149fb326358950 |
| SHA1 | 0ef91431a8eb770dc24b7f9623b9193254b572ac |
| SHA256 | 0340dd2041215ae4c97e83fa34f25be925edf80387442b587cf852ee40effebe |
| SHA512 | 08d56c9d43808844ee6219394fb28bfd296961957855ec99c98e16d51ef920a29feb4177816c88a348afa34181b85f8e3c60e2ab1af6bb4cfca0ae4a82959a3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c429161326d68c933d251e93e1fd3042 |
| SHA1 | fc3fa9f95fe92f1b56ecfd6232bc57c626d8fada |
| SHA256 | 99965bb065c7d366bab0092de96502ea56589e4f15fe02538319b97b987a06ff |
| SHA512 | 2aabc3584b5d0abbb5d08a0de9682e7ea27b3028a12330fc3238a0ada9a15881a92b1129088dc4276b4f9b89acfcc23ab5dfb80bef1847cc1206c358f7aa2de1 |
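Two things about the Files tables in this report are easy to misread. First, the same path appears several times (settings.dat, Preferences, Network Persistent State, and in behavioral1 the DOMStore www.youtube[1].xml file more than a dozen times): each block is a snapshot taken when the file was written, not a separate file, so the digests are not reusable indicators unless the content is stable across runs. Second, the entry for the named pipe \??\pipe\LOCAL\crashpad_2840_YWXCPETGIOCCUJQD carries the digests of zero bytes of input (MD5 d41d8cd9..., SHA-1 da39a3ee..., SHA-256 e3b0c442...), meaning the sandbox recorded the object but read no content; those four values identify nothing and must not be pivoted on. The script below is an added example, not part of the report or the sandbox; it parses a subset of the entries above (copied in as sample input), recomputes the empty-input digests with hashlib to find such placeholder entries, checks that every digest string has the right length for its algorithm, and counts snapshots and distinct contents per path.

```python
import hashlib
import re
from collections import Counter, defaultdict

# A subset of the Files entries from the report above, used as sample input: each path line is
# followed by its MD5/SHA1/SHA256/SHA512 rows, and a path that was written more than once
# during the run appears more than once.
FILE_ENTRIES = r"""
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4158365912175436289496136e7912c2 |
| SHA1 | 813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59 |
| SHA256 | 354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1 |
| SHA512 | 74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b |
\??\pipe\LOCAL\crashpad_2840_YWXCPETGIOCCUJQD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ce4c898f8fc7601e2fbc252fdadb5115 |
| SHA1 | 01bf06badc5da353e539c7c07527d30dccc55a91 |
| SHA256 | bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa |
| SHA512 | 80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c |
"""

HASH_ROW = re.compile(r"^\|\s*(MD5|SHA1|SHA256|SHA512)\s*\|\s*([0-9a-fA-F]+)\s*\|$")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Digests of zero bytes of input: what a sandbox records for an object it could not read
# back, such as a named pipe. Recomputed here rather than hard-coded.
EMPTY_DIGESTS = {alg: hashlib.new(alg.lower(), b"").hexdigest() for alg in HEX_LEN}


def parse_file_entries(text):
    """Return [(path, {alg: hexdigest}), ...] in report order."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = HASH_ROW.match(line)
        if m and entries:
            entries[-1][1][m.group(1)] = m.group(2).lower()
        elif not m:
            entries.append((line, {}))  # any non-hash line starts a new path entry
    return entries


def malformed_digests(entries):
    """Paths whose digest strings have the wrong length for the algorithm (copy damage)."""
    return [p for p, h in entries
            if any(len(v) != HEX_LEN[a] for a, v in h.items())]


def empty_content_paths(entries):
    """Paths whose four digests are exactly those of empty input: placeholders, not IOCs."""
    return [p for p, h in entries
            if len(h) == 4 and all(h[a] == EMPTY_DIGESTS[a] for a in EMPTY_DIGESTS)]


def rewrite_history(entries):
    """Per path: (number of snapshots in the report, number of distinct SHA-256 contents)."""
    snapshots = Counter(p for p, _ in entries)
    contents = defaultdict(set)
    for p, h in entries:
        if "SHA256" in h:
            contents[p].add(h["SHA256"])
    return {p: (snapshots[p], len(contents[p])) for p in snapshots}


if __name__ == "__main__":
    entries = parse_file_entries(FILE_ENTRIES)
    print("empty-content placeholders:", empty_content_paths(entries))
    print("malformed digests:", malformed_digests(entries))
    for path, (n, distinct) in rewrite_history(entries).items():
        print(f"{n} snapshot(s), {distinct} distinct content(s): {path}")
```

Paste the complete Files section into FILE_ENTRIES to run it over the whole report. A path with many snapshots and many distinct contents (the DOMStore file in behavioral1) is browser state being rewritten as the page runs, and is the kind of digest to leave out of any blocklist built from the report.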