Malware Analysis Report

2025-01-17 22:49

Sample ID 240603-qtqz5she47
Target 91f73a056d0ac77a6c356d20ff02248f_JaffaCakes118
SHA256 a1a574fc0765c02822af690b33b44931d7e49fcd517c0f01a399ec1e54ae386d
Tags
score
1/10

Analysis Overview

score
1/10

SHA256

a1a574fc0765c02822af690b33b44931d7e49fcd517c0f01a399ec1e54ae386d

Threat Level: No (potentially) malicious behavior was detected

The file 91f73a056d0ac77a6c356d20ff02248f_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 13:33

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 13:33

Reported

2024-06-03 13:36

Platform

win7-20240508-en

Max time kernel

140s

Max time network

141s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f73a056d0ac77a6c356d20ff02248f_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f73a056d0ac77a6c356d20ff02248f_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 13:33

Reported

2024-06-03 13:36

Platform

win10v2004-20240226-en

Max time kernel

142s

Max time network

152s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f73a056d0ac77a6c356d20ff02248f_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91f73a056d0ac77a6c356d20ff02248f_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5668 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5152 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5800 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5712 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5436 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5832 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5848 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:1

Network

Country Destination Domain Proto

Files

N/A