Analysis Overview
SHA256
927e20509dc6fabbc269562af3f6e489e94972d14659e036b6d041fde790ebec
Threat Level: No (potentially) malicious behavior was detected
The file a15a3727c4272ca8799fd37db1f6841f_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 16:34
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 16:34
Reported
2024-06-12 16:37
Platform
win7-20231129-en
Max time kernel
133s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424371949" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AAF4F041-28D9-11EF-8857-46361BFF2467} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 709bfa83e6bcda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e95b71ea9279dc4383c345a5d7e1e82f00000000020000000000106600000001000020000000e63e7cc61a3d7de6bfd89fd83c8f17bb764b37dda22054b042a408a8735dc533000000000e800000000200002000000088055387c4cd3aff86449b1fecb9d2fe4c04604d5e0af7d44d54a343500c5ab8200000005262a258268e652ccca047000e4ac0f748f3593141a4810ed8e887e782de98db40000000e23e0f3c71dc212d11e986872bded9f6d3e1911c67e518df216736c58423ba8ddc08c7356140b2d7b114b891665b160b57a9d2666c77d052c5b9617877f83621 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2888 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2888 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2888 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2888 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a15a3727c4272ca8799fd37db1f6841f_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2888 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 16:34
Reported
2024-06-12 16:37
Platform
win10v2004-20240508-en
Max time kernel
142s
Max time network
148s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a15a3727c4272ca8799fd37db1f6841f_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3744,i,1999448010053300448,1112699187621658374,262144 --variations-seed-version --mojo-platform-channel-handle=4524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4112,i,1999448010053300448,1112699187621658374,262144 --variations-seed-version --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5296,i,1999448010053300448,1112699187621658374,262144 --variations-seed-version --mojo-platform-channel-handle=5284 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=4796,i,1999448010053300448,1112699187621658374,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5688,i,1999448010053300448,1112699187621658374,262144 --variations-seed-version --mojo-platform-channel-handle=5572 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5816,i,1999448010053300448,1112699187621658374,262144 --variations-seed-version --mojo-platform-channel-handle=4180 /prefetch:8
Network