Analysis Overview
SHA256
f579cbec1a01d855fa0a8256006996d5bb49291fe19d3c5fde543d6e8c5b43d8
Threat Level: No (potentially) malicious behavior was detected
The file 9241f2d559c50f4c1bb557af24c2eddf_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 15:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 15:24
Reported
2024-06-03 15:27
Platform
win7-20240215-en
Max time kernel
145s
Max time network
146s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6F623791-21BD-11EF-B7A6-525094B41941} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 40e58944cab5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423590165" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1512 wrote to memory of 2228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1512 wrote to memory of 2228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1512 wrote to memory of 2228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1512 wrote to memory of 2228 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9241f2d559c50f4c1bb557af24c2eddf_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1512 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 15:24
Reported
2024-06-03 15:27
Platform
win10v2004-20240508-en
Max time kernel
133s
Max time network
138s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9241f2d559c50f4c1bb557af24c2eddf_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=4044,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=4108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --field-trial-handle=4080,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=4880,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=5248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5388,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=5284 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5416,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=4272 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=5860,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=5880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=5872,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=6128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5660,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=5436 /prefetch:8
Network