Analysis Overview
SHA256
d8b1482ee0ec8e731383ceadedf36a4b4c59e915fbbf00b4192c49fbc1331afd
Threat Level: No (potentially) malicious behavior was detected
The file a172bde20149ab165124884ef7414690_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 17:10
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 17:10
Reported
2024-06-12 17:12
Platform
win7-20231129-en
Max time kernel
142s
Max time network
143s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bbc5885b61224e48b4f0c2d13fb5ed8d00000000020000000000106600000001000020000000aca5b12834228c1b7352c2a05680d564f123946782f5a5364538273052a77bd1000000000e8000000002000020000000915c785c4fed991e8ba9a24231c8286a9307abbf11e29b0ed6b6e66cbe7e6db52000000091debd7fc218cbf41d1ec3161e38e40ea881706d7765f144c7838f623486da4840000000edbf63173c484e885168d8a17dfee907f49f9fbc1efd4a400859bc441776c36aa79dd6014a12884dc37467afe27f1d4dbaec8b1c08ced9c33dac6b5178234535 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bbc5885b61224e48b4f0c2d13fb5ed8d000000000200000000001066000000010000200000001bb72a9c8fad98734ba804a55c4ff007b8fc01ff4425f0b36b607b5ac073333c000000000e80000000020000200000001997e44662fdf2afadbb61c1c9121c379a8da5738c75a2a291a0d4af1290e41e9000000079ba43f116225e94323f9382c91bcb0d78e13a255425741c87ebb9d15ce74327206879df380bdfe8a33f369b085ddc6addd7de90e4431b6a3d0909b4eb4ed413274f312d4fbb7959ee8bd78dc9b7f6d3b03319fac80599e0cd0eb74372b2366ee311ff5c1153e61e009198416e33312011e859562ada203bd5f9cf76566dbee7d198a03e90b1365feaf0357d1d917ed240000000b1a455945fcb5dcb517282c9e57a5f82866e7b99b0d381d2dafd709798044705d776d2c4955baf380560f3183a96a9077e5ae3a9144b19e46d2fb8360d98b403 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424374092" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{A845E391-28DE-11EF-BEA9-FE29290FA5F9} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 2098c77debbcda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 2172 wrote to memory of 2196 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2172 wrote to memory of 2196 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2172 wrote to memory of 2196 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2172 wrote to memory of 2196 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a172bde20149ab165124884ef7414690_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
Network
Files
| MD5 | fe3ef64d0dedb1fe3d37c75c89c978d3 |
| SHA1 | 28b2e30a05d292acf30991d2348448b0786e5749 |
| SHA256 | c23588c7dcaf01a8adec0d13b1c4d7a01bfe390d4945072beeccb18b74a9a5e4 |
| SHA512 | d0dc8a5120de9324a87f98843e93da16f24e80f6b2e4a758b591f96076dfe3ae9d4ecbbe8d2d5a8e8cfa0bcbfcc6dec49d5efaf4de54194b6fc474d88f26e04e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | adf26ea3d072619fa85acf9a10861b32 |
| SHA1 | 031791d58f3d7d8732020886a795be9327f7c4d2 |
| SHA256 | 13fce05748c792a966d411ec2e2cfbc2170aaecaa11619892ea4a35e442c5ce3 |
| SHA512 | cbd3956602c8f4eb0897072a1091a738fca47a8ef106f59f5232143f2888413c1d2ac55126a14ca9b20d5317d674ab9842f43a3fe57fe46e2acc190c94e080d6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 161f1733a74637acb88444fc4fae892b |
| SHA1 | 5a108c3dca06fe898e1ab38c0459f5b5078df13b |
| SHA256 | 52d6bca0e34399a75d3b47a25307df8edc666674ac6b11f320dfec10bc0844bc |
| SHA512 | 8d83d48a6d0ef70e1128a554cf5c5fc01431e00447e51352156c4aa27a448fbac9f44903c7af9b0c3d44e8bebe82207bb318c1d8b4ffcf7003131d0617cf5de7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 425fe31b4e03147e10a4d889f9feacb9 |
| SHA1 | 4f251a93e918084dd314e593dd29425a6ec6de84 |
| SHA256 | ffdcff4231eb6e717c13b82bc72c54f4cfd3d5ee8ec8125670b9f406fdc9fb0b |
| SHA512 | b6f5f0bb0bbd3b4425f4524a5e4d7f89768f65e29fd7fb85ef8b8eba96b468c7246387527f8667f0590f9f4b8f8ede310399e2059be43aaba095623939cb2149 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1be8e0cca008204cc6cf8aa6439c47b1 |
| SHA1 | c9ec58d42bd109f7d787001e9f0c0ab82da604d5 |
| SHA256 | 5914d4f30fea3e7282053d251a1e069cac4e27ddbd881ba9c1e2428f6f6f4c42 |
| SHA512 | 3b41241c77e1bf21b7a9ac61874421e41d4c7484db3b1c562966228b250fe762408714b781e900587a0f7fbe5dbf98dc3839b83e004658bf7e4fd2d109c8d109 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f01ca31ad7031ea9a476bf7c8a27a062 |
| SHA1 | e054b9b65cad80b0bf2cf0e0e335794cad86fe93 |
| SHA256 | a2b499600044569756ea3bebb904a94787a89b4badca3f7f3811f1e05ea9e363 |
| SHA512 | 02e7f4924d434afeb2b56c63ab55290033baf2974fd00383b504593c19ed8532ca0664bef1a192cd9f588460e9bf16b07d6a43eedd6f73267acfc20f0276903f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c9ce56dd560364d4637a0e76a12532e9 |
| SHA1 | 26fd51f512f8e2c2480b9d683c71454a2858c5a8 |
| SHA256 | 818e3b3f051bcf1ca9d0b0a0fa514c4cd53284583b9b1a5cb74ef04044826bd3 |
| SHA512 | fcf70f576079b2ef098faed927ab753505d6162b06d9d993126da91510f31abbab752d73ceae8afdc4b47dabe2e4a106e0500e3feaa4480a11ca03c0e3cfcfd7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7af351609eba37e7b8a039307fd0904f |
| SHA1 | 3fac6986d2fed6a712ddeff0ed207c02cc6bc193 |
| SHA256 | c25c0a4764486ed5f493d793a815c16e09d8f0050930241dba38723b5d640413 |
| SHA512 | df7ce9b46daa6be09218be1f42da60d804cd64a82dfd5d0088b51e0db336484b23cecf07cba990ab563dd642f9174c077cbcf927696113698debcedf3b60a7f6 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 17:10
Reported
2024-06-12 17:13
Platform
win10v2004-20240226-en
Max time kernel
144s
Max time network
153s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a172bde20149ab165124884ef7414690_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4016 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=1852 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=6060 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5584 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5568 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5404 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5316 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6188 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=5524 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6276 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=6516 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6204 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --mojo-platform-channel-handle=2204 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --mojo-platform-channel-handle=5060 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
Network