Analysis Overview
SHA256: c71d9ab5c7d418790e5800246b8b4da4757da3a5d4fb5fa8bb0bc0c2d148da06
Threat Level: No (potentially) malicious behavior was detected
The file a15910203a77d6195eb45a5298834305_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-12 16:33
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-12 16:33
Reported: 2024-06-12 16:36
Platform: win7-20240611-en
Max time kernel: 118s
Max time network: 147s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424371892" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "17540" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8953" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "17750" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17546" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8953" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "17750" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8871" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "12304" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "17658" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17658" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "12304" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17540" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "17546" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10f7ff87e6bcda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "7614" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "2184" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "17658" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10335" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10417" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "2184" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10335" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10423" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10423" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8871" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "17750" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8953" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a807600000000020000000000106600000001000020000000b329429e158dfbd882a1b7a9685a93fb09901ec6e260e9492b5bc663a6c1af59000000000e80000000020000200000009e7a995c2de195f27672cf5904ce9a47b2b1ddaea476ef4ee103effa1be66f22200000009701f601f6dab0101593cedd00e089e3bb08e90236fe567c58b2326a549fd8bd40000000deaccbe33b01632cecb167296fdb99c5b0b8c8145b330b2c06d2929c15c122d40e42d3333f53fa7155ef784519d297fb09cde2efae9bd60f4db43797c4fe9064 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10335" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2996 wrote to memory of 2588 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2996 wrote to memory of 2588 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2996 wrote to memory of 2588 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2996 wrote to memory of 2588 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a15910203a77d6195eb45a5298834305_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2996 CREDAT:275457 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Temp\Cab2DB7.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar2E08.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1f4e43a11efbc2c7cdabd9bd1bd7d527 |
| SHA1 | c137f27e669e9ceb2e580962235ace388862cc68 |
| SHA256 | bca17cfc24efac740a2a693e9930bb03988cdd912364436043c47dd510ec9ce9 |
| SHA512 | 9c855d9a49cbe7c8bd95210c3d10761a1dfc25d914467b6f9dc8ee0b3b4c809e5070d007fe2945cdf82c7cd858936055dd8024b9d52ae03892743fe651bdc097 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7O7N1X9R\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7O7N1X9R\www.youtube[1].xml
| MD5 | 637cf420e172afd4e54a875ce1b29e34 |
| SHA1 | 664d5fe7cc9fcb167c606b2c8cff6436869c459f |
| SHA256 | 4d4796e948f6bffc7779d5603e299b28a739edaee79caeaf398e5c3d577914b4 |
| SHA512 | 16b1bab58039bfc3e237221571cb903e45efc853101f32d07e376e38a9e5bb66055b60dfb852454f9fe9b030445c9fbd86e1ad63452dce82bcc94da2b4e5dd1e |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\www-player[1].css
| MD5 | 69958caec43c10f1d36a71ce83ac69e8 |
| SHA1 | d363274a0f568e4bfe98e978eae59441fc17a1fa |
| SHA256 | d24493147c49a7b5d1a21c66aa87d11a0c976cd4e9392b89add880139aa2b1ff |
| SHA512 | 8a57bb5c5a1f7a91057493bad34133f7a2da0b7322ea84638a82e4df13045a584b11a0bc5beb90c018e9d5fecd323bc73cb35e2c322804ddd74ab0e4967bb84a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
| MD5 | de8b7431b74642e830af4d4f4b513ec9 |
| SHA1 | f549f1fe8a0b86ef3fbdcb8d508440aff84c385c |
| SHA256 | 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a |
| SHA512 | 57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5LT06Y3\KFOmCnqEu92Fr1Mu4mxM[1].woff
| MD5 | bafb105baeb22d965c70fe52ba6b49d9 |
| SHA1 | 934014cc9bbe5883542be756b3146c05844b254f |
| SHA256 | 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed |
| SHA512 | 85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\www-embed-player[1].js
| MD5 | 8940a491297381a0ce25360e21b39bb5 |
| SHA1 | 43d7a4157e78777fc024415969c3a7bd550a4322 |
| SHA256 | afc766cb1c4a339c40d24ad926f05e8b4927eed7532b876291d0bd19adc9cf3e |
| SHA512 | 5772d7e7485db888676e69cbaf4c88af01872997338bc61e8e0344d5dba208c2909e167d54d8edcb782e17d1a2b4e9dba955baeb0ad0e43ba932b3bf25ae7dde |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\base[1].js
| MD5 | cb463df0a090cdfabc77af2691141830 |
| SHA1 | e3dde6a1f5c4803e69839154013496a781137473 |
| SHA256 | e09e2e8a3cfbcc88eea12d0b17161e1f2c8c75f1bb21100829c09f9858db3f24 |
| SHA512 | 099374f7b03a4635390b94525105884fa101d93a583eed0d92def7d2de3199d2bd57fc63d885e8e9af0863db40cf521d2fb770eb09400a4c6285f7c37ad88e8c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7O7N1X9R\www.youtube[1].xml
| MD5 | eace0d807936914d3ea81bb5a337ad7b |
| SHA1 | 8e28c3bf2279e74b5d3fada69a4de3a75b2d3aa8 |
| SHA256 | 3eea1ed11de1fecda32e066e422009e2f779d5a4f6528402f4cfc9f45189c23c |
| SHA512 | 396dd94bccf4fdc2d408eb4e8d56426de39e5f40c99175de4284d08fd977c1b3b61a165e4e5ba0ba5d0ffeb2ca4795f8e2b4cbfb16b58f82edb3440bbcf7c600 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWTP8BNA\ad_status[1].js
| MD5 | 1fa71744db23d0f8df9cce6719defcb7 |
| SHA1 | e4be9b7136697942a036f97cf26ebaf703ad2067 |
| SHA256 | eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 |
| SHA512 | 17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7O7N1X9R\www.youtube[1].xml
| MD5 | 57a2e488bcb3ceaa00bc5dece6e7b915 |
| SHA1 | e31bf947d7f85f29384b0620f1c691e201d59007 |
| SHA256 | 27a68fa6aecc21e83f2f022d805cabbad4939687550b4a0e7419614526b18fe5 |
| SHA512 | 74a6f712b3cf2d2a373c631491178b27bf860bcbd2eba2149140c71f9e96f2f1702cdf49af44000d9fdb19d150a94154e73ed91dc18df50f36a9edd6d0a03121 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWTP8BNA\embed[1].js
| MD5 | 14d69fc9da4a63c8ad5013b3d3781842 |
| SHA1 | e0272f8403d95fd27df22dff5fc014e2ab5d8a3d |
| SHA256 | e2a5632fec9da56d272ccdea5ecfa7000dc70659673c52a11966802e37a2140e |
| SHA512 | 0f85c67ae8969570f6cfa4d265013da7d4820ea11349b11b886d480d7d78df5c6aa1e7484724d6b21421db18678d22bae6d478d3d0e35506673fd609805d1976 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7O7N1X9R\www.youtube[1].xml
| MD5 | e522384fad3f0408dbb76b6636e8d56c |
| SHA1 | bcbeb126eef35a9bc27ccf17e3ddfc5ff44d53f8 |
| SHA256 | 55646404cdc22bfd2be737ec757b239d8d6d443717faf4034769073a772472be |
| SHA512 | a5b51ebed7809c73d75f1d15671a622010d76519050b45e58a0120efe6bb3b1c0f4d60620ebca7f1c59aa8341e74c737dd6059f97152169b0e3196239bed490d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ec6055c9663f62d8f9ddffa8cfc906ec |
| SHA1 | 433ad104c8eeebbed0cc30590d9357109a7a3be0 |
| SHA256 | 48079ea2891d32c9e3e9b1a454393b826a1d06fd15f3574656c85fe32e074b98 |
| SHA512 | 895d2e7b1e0cf3faa3de67b524a16bf3af7e795b45ff472014899b0919af8ebc8db0b2df4d6ada5ba592896e27879ce686815c388d11083022f26929480091a8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b3a1980f683c37c3368ba76c3487490f |
| SHA1 | cb9382dc5d1bbbcbded6a90f4826b19ab6530b80 |
| SHA256 | a4454c18481db76d19abfdbea1b7f9c096aba31900c97c068eab3078ea437a6f |
| SHA512 | 2cfa7f11cad86b1d7180bfd76d4674f12d2e3fbdb7986bc9e6adfb4be58ea32a93ccdbf9a57832fd9a952c00863c294a825a4081ada67b0aac5ab335c48ff112 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 562cda9d1e323beaf40bc8a86db3e4e0 |
| SHA1 | 899cc71cd16dd9de5b5d7e072059e386f3373c36 |
| SHA256 | 6aa8cdf6aa3c7eec2818c9c2c69c6263b46e0b3fe6dcc9970041b2e5fa9b358d |
| SHA512 | 72e6cc2cf63010d60d09150207d47c843f552228b882bd162b5a34bcaba28cb6cf87c3a169c411fe69cc6b8664932f358a4b30e509591f67c81c1bbc96453c61 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5fec5d9bb50d19060684f1db01df2f3b |
| SHA1 | 28f754689ba5859e24a42eed7bc5a832ccf75fc9 |
| SHA256 | d057613eb5717c9dea8dcbadbc3e18afa7255f20d9aacadf9cc013a07f84e2d8 |
| SHA512 | 2c5919418ee6ba0e9d37af9b75f0072e1b852aa5c7733e173ea7117736da8d91016bbb2c224de0bb9c925d961a957dd36a39c6bbcdcae756bcc8e5b06618b460 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | be580035af7c71a5324d0fe3f12774f3 |
| SHA1 | 04f2c81dd77a93ffeea104c3b6664d9a80867467 |
| SHA256 | ea4396cce4d050afde6d23b714db54e513325bcea0af69025fea1045976f7b09 |
| SHA512 | 0a56153bf891b7c579e88c30f9df869d022affa642889abb065325a6c7db39425c2a30a96b3ecaa23d571da6178faa599aae6307a0bbdca43ad34e5046179c22 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8700954f623d43655d924d04b586695e |
| SHA1 | 4320df278013aa15814aabb31e731e620925da97 |
| SHA256 | 82b67cf60441d2088c04c4d1b767cd87154bfba2cde32b0b7a4b9a7c2ebee829 |
| SHA512 | fb3d67bbf6cbda69153f8c87e8f91631975a9040d969794e6e7353805b19bfb24438b7896ddc82f2249c2aed253a1074165173cce7c7448045843d94f82abc51 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e6716de00eb4f06dad7e5ce6b7d6db6c |
| SHA1 | d2d9b0bad96e888d905513e2c4e2e2a6dfbf085e |
| SHA256 | 7103b396a8bba861ecbf05e6d890c73f41f88ecde16cb2a9f78cfe10273f2fd3 |
| SHA512 | e525ebc540c9ff852dadd53371163cbbd752d104900e32f36b6c66fc86c32b27b04b7f82947af85391afb31307ec19985cb2b992db100f5525aea3a68f99204a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4fe23345df91f421585c5761848d9cef |
| SHA1 | 73c07b186a1eb522737ea618cc989579d658fa2d |
| SHA256 | 8a4349dd81d40ce31868c9bbc38de1d4af5a4f260934e2764d1dfec815fae8e1 |
| SHA512 | cb0f9b8ed5c1ac7c7db0b005f8f196d1c056ffc2d1c3bd18662b0ce293027de84f04cfa194fd20db81ab7d0813a195299cce7a328d44bdaf11bfb988e7104731 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c0d60dbb298c16f98efff4563599c3fa |
| SHA1 | 908af7624f209e577d08f936e9e63a5874f48351 |
| SHA256 | ec60e221428cf642ad3d9f19abb0c00e1c3ba324be5df90bd19433357a1549f1 |
| SHA512 | 0e51d082e02188d747b5f0fbe07e93dc7bc315cb1ab3c71cd7387c0abe8a670724cb5f20ced93e0fdb37cfb2a14335e4ad846f575df4da47abaf0ad03c227829 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWTP8BNA\j85XBmD3K-auBXRuR4gFy-YbXrRwDWE2e6ZsFqyJZWU[1].js
| MD5 | c31f785afed7c3bd94e48286a26482ad |
| SHA1 | f66156197cf74e58d6e0a327e8a1e6503fe63374 |
| SHA256 | 8fce570660f72be6ae05746e478805cbe61b5eb4700d61367ba66c16ac896565 |
| SHA512 | 8932b515493774d5587a01fe6d3fd08c404fdb694219898ee32a44ef00cd8773ceec0f46af1fb2834211a64a7eb698ed6d1ee7edbf70e80593997ce65113a6a7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 316d7c06e38f09a5ed22623bd2089a9d |
| SHA1 | 6eedc15a3ee1859d5f282a6af75964ec08111246 |
| SHA256 | c3c1c202a302cb90f924a4bd5698b236f35cf0256c0d17f723a9e4c02b3d89a3 |
| SHA512 | 1c205363554a67ede0ba350b93cb2c678e8cfd5bb9125fc9c864dbc16487445a5eee524715b5b61367d8bd9cb2e82a8cb2981c522905650a174a808659babd19 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\7O7N1X9R\www.youtube[1].xml
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\remote[1].js
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 16:33
Reported
2024-06-12 16:36
Platform
win10v2004-20240508-en
Max time kernel
145s
Max time network
125s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a15910203a77d6195eb45a5298834305_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f40f46f8,0x7ff8f40f4708,0x7ff8f40f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2924 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,2031736623048316792,1500822083368738652,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4708 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_1580_VZINPZMEWXOGJSOO
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RFe57b67f.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT