Malware Analysis Report

2025-04-14 03:47

Sample ID 240612-xekyxazarr
Target a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118
SHA256 c4a5011419179d17e3ea879f4f8c0afb398d134e38744484de7e034fc3e6f395
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

c4a5011419179d17e3ea879f4f8c0afb398d134e38744484de7e034fc3e6f395

Threat Level: No (potentially) malicious behavior was detected

The file a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-12 18:46

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-12 18:46

Reported

2024-06-12 18:48

Platform

win7-20240221-en

Max time kernel

143s

Max time network

141s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0eb41dcf8bcda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424379830" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a0aa79c9dce5f548ad9c3c71c71ea21800000000020000000000106600000001000020000000e62ed613cb9dbfe20fd1b5db1df643656220dc69f03a5ae349fcbe12386163af000000000e8000000002000020000000bcddcf348392374423b0ddeb49d9f4849ad7aea05f97a293f01db669b9b809ef90000000fde87283e6e6e96a71736657456a0868c0d6d5cca0a8cc704de9ad9fa1fc475052aa09bd7aa3d6e4b946e9bb7f85c41de2585006b4ae3ba3dd562d92485dc2e0c37d32da43832f4224ed30365803414a8bc9f3bcf693dd5539629f96fb389d9b2d74b833b4483a28d8b79575995ac11405752f424a6232e9ed559f29828a937f7859ee1de9a75c22eee7df6f2963f1e7400000002076cbe600ac0e3904a02cb97dec493e204a849ae51389df6fbe4695cd5c0966a4d5e20b98ae778d3ddd4e102b0d3ce385141d42df42872eb0431a367db83a87 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{04684D41-28EC-11EF-9891-EEF45767FDFF} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a0aa79c9dce5f548ad9c3c71c71ea21800000000020000000000106600000001000020000000308c02e2fb3470ada4a69c6888f0edc5d3d8eb3055e8afea280163ba3a0b3a26000000000e800000000200002000000075a7287c3f60f9594e81cdcba7bc83d814277771bd06065d20fc6d057c92056f200000005cfe080e85d96965540ce7f33810fb61a822682ba206cd98b76e707ab1554c81400000003c0a5cced5291bba90882cd7274dfb0f12c5cb3602a1bb85b7d0fcf237a475bb4612204a14481780e67fb3c92d3b1b68e9e1c0297dbeec6741157106450085b0 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 1.bp.blogspot.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 3.bp.blogspot.com udp
US 8.8.8.8:53 s7.addthis.com udp
US 8.8.8.8:53 yourjavascript.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 img1.blogblog.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
US 8.8.8.8:53 4.bp.blogspot.com udp
GB 142.250.200.10:80 ajax.googleapis.com tcp
US 13.248.169.48:80 yourjavascript.com tcp
GB 142.250.178.9:443 img1.blogblog.com tcp
US 13.248.169.48:80 yourjavascript.com tcp
BE 104.68.81.91:80 s7.addthis.com tcp
BE 104.68.81.91:80 s7.addthis.com tcp
GB 142.250.178.9:443 img1.blogblog.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.178.9:443 img1.blogblog.com tcp
GB 142.250.200.10:80 ajax.googleapis.com tcp
GB 172.217.16.238:443 apis.google.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 151.101.2.137:80 code.jquery.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
US 151.101.2.137:80 code.jquery.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.178.9:443 img1.blogblog.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.178.9:443 img1.blogblog.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
US 8.8.8.8:53 player.tnaflix.com udp
NL 77.247.179.166:80 player.tnaflix.com tcp
NL 77.247.179.166:80 player.tnaflix.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
GB 172.217.16.238:443 apis.google.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 8.8.8.8:53 www.cebr.info udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 developers.google.com udp
GB 216.58.201.110:80 developers.google.com tcp
GB 216.58.201.110:80 developers.google.com tcp
GB 216.58.201.110:443 developers.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 216.58.213.3:443 ssl.gstatic.com tcp
GB 216.58.213.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
GB 216.58.201.110:443 developers.google.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
GB 216.58.201.110:443 developers.google.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
GB 216.58.201.110:443 developers.google.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
GB 216.58.201.110:443 developers.google.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp
GB 216.58.201.110:443 developers.google.com tcp
NL 77.247.179.166:443 player.tnaflix.com tcp

Files

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 34eef3c9cfd264ab7a5cffdc3d4c6088
SHA1 722e61aa2a50118b8060a0a5bb662ae3fa912d35
SHA256 2409f0b85c740544aebc2d5e2dd1e21eb153a9514c88812a24221d7fee718a02
SHA512 43fec42825775f6902dde69af302c62e82f0e2eeb3e9ed5f638f55e52a84848b1215b4f5d0167e9e171e497be8bf00a190f1f0312a9110f987bd8a984de867f7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 660b6e28b38ebe7e521064e60113fffc
SHA1 f2c25e9f931876bf6834191ec5b409f47f869129
SHA256 3e203426c4aa1403e940966905320c612ce4006cc87e03eb64058eaf6d402433
SHA512 96868e652d5e0c25b4d0f0ada20d345115f0c6fda26d3cab724c0c1867386d2dcedc408c51f776b7e019ce2e22755017d99bf663cdd9fd0d88b26182c6434bcc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\Local\Temp\Cab2ADA.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar2C09.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\platform_gapi.iframes.style.common[1].js

MD5 682c26af19b240f98d2cb951721fa54d
SHA1 18e58b652c7f82a55ab4b1910693686049e25d62
SHA256 96428f0f585a874c185d560538ad83ebfad0365d760fcf9fcefe80add9e3c980
SHA512 078aeef086271b7f9cf0f6e3a1e7908d7e38465a1a7a4de6f2a785147e9130551a2995e80600824da9341d58e5425d4505518e90eea9ffe1c64f4f41825a9660

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\cb=gapi[1].js

MD5 f9255a0dec7524a9a3e867a9f878a68b
SHA1 813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b
SHA256 d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d
SHA512 d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6310e550c388bb879487c552eb15496d
SHA1 abb617035a9cf96f6bc32193e461a651e2c77a76
SHA256 5ade9ec93625129f2897856f75ca52565755cc1e6c7752ee1f2cefe3de9d3cc1
SHA512 b147356f53b238e97cdab5134dd5adc9cfb24397c3a8e4dd15e230025380932e6d2f517fac7d5f7043f6b9d6057292dca35f6582451ee2eec67edd4135303e54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 50abc02c57161d70603165926e7817a6
SHA1 6d74faaf77e97cf98195958a25449b6c63840011
SHA256 4d598e424d146dec5a2b274c8381666063d397495ce15847e3483bd5fc58ec0d
SHA512 a2488251147c96b314d7ea5603c702de2a999cc75aea9dabcc690d279172fca1da6f43b5fd4be2b92396046e569b738445aa9957b932a1f4eb741e4be9585e04

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 15751cf97a0a1a7a94fe77923bbcc539
SHA1 eb9b7849090f687af64bfe7df89d6c4f8e2ecd10
SHA256 287b600798be6a52e42d373104d1910002fdfcbd054f246286d561300198196d
SHA512 d6155e87fbfb248043f868e6eb8b41fa97c42b685015444bd7b7dd9120d58dd543cf00a403e9c276461a8282f72147b049bb1420048a5b3a3534f0c4eef1a26e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c8128e4c6856262960d8b64d139f2ffc
SHA1 7cda286845eeaa4bdeac6a39b3810a47c430f262
SHA256 a8a3438f8590ce251b22905b7c9b185fd33e33c07116a8dfc4b52c30e118f60f
SHA512 a6563c32048dd7894090372ca61997e6c981d89c471157f088cc2a087f288b480fa583b35f675290a1fb62d001a3080a2dff528d262a68ef5be5157d48bd7098

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6d6df6283dbb86804894b5dc33ade073
SHA1 0c97d78efba7e9dd85a7176e6e8a5d5bcccb68fd
SHA256 10bf61db43c845c8b9a49991e3f8a40eb4568998cd2780d67a45f84e1e98a68f
SHA512 563330173616fda7030df9ef79fcdc94ba3d50e4a127cad4a7620f6fd90efa9b0642b5636aa9b26fadcc9dd1e34d64eebd5c423e699e9f80b440dce97ee0ac39

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ca350f7052ff2cdfe09c52e22494e295
SHA1 360eff01f56d08ffa017ef079f5402ec68ac85a1
SHA256 fdf4dedbd4b47d0c668c6758a776dcd4033fe4ef89f726351d2bbf338bef7cc1
SHA512 1a131f9725da28d4887995c365139af2ab13fa023826414b9065a3f3c7eed9b5f7ce35f696563ba6b430a7be870b02a9861f586cbad30668130a2ccc5e92c67f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4ae2b05cc84af098b578508ec0e5ab12
SHA1 79ba13d07bdb19ea447c4a2a146d7f159b2f1d2a
SHA256 f1103c73b33fb3d38100548b3bd29905e251adb251db51d03cac0a7ae3446e62
SHA512 261f36b90b2c9df68046f4f8d440d1711582123b4b0d8c37466bc933795cad13c5a7bc01993dea738a2f9674529cda931bb6d541759670c7768572ec2f5c87af

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6dc638ce8840f725f5dd129e1c638d12
SHA1 d5527317ae7bc5fb071f294a8090526dc105629e
SHA256 c125e0602216bea5c8d64be38f38f1bc7973f751db19a8457635e7e44ffd0e36
SHA512 81ef38dd6f7ae8b09ac12442b0e8854cfedb2900c3b2a4b543a41ed7996fc74d7e2dc171b7b67ff334ca6f771113e593dcc156b61df4b9de5c76ef265263d08e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\jquery-ui.min[1].js

MD5 e436a692a06f26c45eca6061e44095ea
SHA1 f9a30c981cb03c5bfa2ecad82bd2e450e8b9491b
SHA256 7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
SHA512 1b09a98336cbc0c8ff0f535a457a3db3cd3902e4a724bb2e56563648ed1a36201dd84e63f45dcea80bb6edfe80a17db388379417386dec76341fb9eadbafa88c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\2049701504-widget_css_bundle[1].css

MD5 4cd480424dfd14a2f1e65536603ce132
SHA1 b0413dffd38285af1fa71863ab959df2c034e4ba
SHA256 a5159b95466b34f608aec831b8b44a03f9a006411f38ae8627e8454af145ac5f
SHA512 8d61971006fe8926d3eef491a2d8d7c9523c99e35c54034859f3a7b83b367c116e254296166446bf907e8f313dc63a23c60cb822ca325994729fd493ac0aa4b2

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\relatedimg[1].htm

MD5 e89f75f918dbdcee28604d4e09dd71d7
SHA1 f9d9055e9878723a12063b47d4a1a5f58c3eb1e9
SHA256 6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023
SHA512 8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\jquery-2.1.1[1].js

MD5 7403060950f4a13be3b3dfde0490ee05
SHA1 8d55aabf2b76486cc311fdc553a3613cad46aa3f
SHA256 140ff438eaaede046f1ceba27579d16dc980595709391873fa9bf74d7dbe53ac
SHA512 ee8d83b5a07a12e0308ceca7f3abf84041d014d0572748ec967e64af79af6f123b6c2335cf5a68b5551cc28042b7828d010870ed54a69c80e9e843a1c4d233cf

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\592886021-comment_from_post_iframe[1].js

MD5 5e4e10b9cb689b8f010f580a348f46fb
SHA1 222efd92a3217d33036aa242dc080dde397ef88e
SHA256 482814859d6573f7ff8c20c7faad5139568d116df1ee9558cdd094db2535b15c
SHA512 ae117950571186ec560ad581af1118371c1bf4a756fae1e76bc088ae9df8fa76d085e60995388f60a68870ae5d3c9fd99847f53c4fa5e02de15a97b326f982a7

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\cb=gapi[2].js

MD5 59e7715983f1a5c4cdde2c76b015e21e
SHA1 0c9035da67e550e458c053e562f3781e0520e182
SHA256 85454302a9280ba5160a95772914c07adda5b464d74a354f13540f9ad5127aec
SHA512 449d9ea80695a0c96d501b7d5a98328eabca18576770572b472fac7553723bcc4d55561f980f6bd4abb7d173a8d5525ea1abce92fd794c92ae36edd2aa12e522

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\cb=gapi[1].js

MD5 ff1291a6a1697c1c00613cb070706bc7
SHA1 b09c47ccd1f16f3fb38885d3ebf53f67125a582d
SHA256 261a426757dd5ad87132211a65acdfdf30d9512f3f65fba35b6ef849b9126cfe
SHA512 201bdd3b8189f4c9a5640c3e183e4e70c030c55005eea552524da535721fd77f91193a07c0e86fc9412d051508c18a2352e2532aeb30b9fa44c249decb628b22

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\3604799710-postmessagerelay[1].js

MD5 40aaadf2a7451d276b940cddefb2d0ed
SHA1 b2fc8129a4f5e5a0c8cb631218f40a4230444d9e
SHA256 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2
SHA512 6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\rpc_shindig_random[1].js

MD5 6a90a8e611705b6e5953757cc549ce8c
SHA1 3e7416db7afe4cfdf3980daba308df560b4bede6
SHA256 51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679
SHA512 583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ce8a59791e94fec9ce0639d53aad26a0
SHA1 3d89c80d73585cd735e2af54fb134e7cbaf013bf
SHA256 fdb89ccfd0dbe2cc196675e1288970df9e7bd5ff8f69c079db36b2385e59dfc4
SHA512 abfe59f1a5b7bc7a590da8591cbae6f7d588b5682aec92e8ebf4fe8b11d006a235b9b31c24bf95897de629cef3442f1a948b55a757ac7bdd46ad0cdd23710ab7

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\2621646369-cmtfp[1].css

MD5 9f212334462c2e699353dc8988690a19
SHA1 2e25d1abe33ec5ebf10e0a6b055e38c9671802a2
SHA256 2529a8451bea93302e41dc0fad03f7550094f4ef5ec4f3800f28c2639d5e2789
SHA512 58e906a50f8b654e79b242f1323dcb08773937f723d01caca4f675ce2091eb20caf2fce23a7a15443fa4a6643716662304d83b95ac7b7b64d588168b47ce9407

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\1697667608-cmt[1].js

MD5 d4d9a872c9031d789fc9951419cba3a9
SHA1 9a236e6c92b592176aa891bab0ed122d11aa377d
SHA256 98379f53e644e9556207599ef2cca7a36b6cfdb9fb6420ee49c421fabf5b8db9
SHA512 1007a7f59c0cd8324fa3cda10983a97886abd7c343b3d284d89af64ec5bf62f9d0e514d2f673c71af5500401574a73a54661b77814b44d6504637092c50cc792

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek[1].js

MD5 4f672a598d5c99cbac05add32e1539c3
SHA1 b04c7d9a7a77f688571600c24af05e2ea9db924a
SHA256 bb32e607e843f9f8f654c4192ac1bc484cbfe8a6f96bcbe77727d34a661525e9
SHA512 a3136e7f49fa2ce1bfbd18a405866806c09e7b412dcec5c82d0e3cf532633cf41137b9db9c755363cc617e782afe45dc338c80773519a6b06ea2fa98d56ccdea

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 5e1db718821c185d8d8d1757a34acf0b
SHA1 144e1a3329c5b1b07d931dd7e06dd126f22c5979
SHA256 55d7ea323648bea4b0aa79e18c1fe0d11be024b469570ba28c2e4f4dc8e481db
SHA512 7156fe4cc8efbd8972cb2fa4dac5f79d2465382acdaefa2ea2198bda492bd3ddb1c907597b61631c3def189ffc038053e0160b8a7b01a241084322a3ff0cc551

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 75ea0f798504d6b2621e7e9d14eac88b
SHA1 d353d67319e2aa4a89a5aa4ef07ef27c15aaf592
SHA256 db7e1a5d7c222adb52f6b3e9909f81fa07af70766e3006d835de9f33051410cd
SHA512 484bfc52d3a04d470d9a33d1ee4ab93006679c1df94e8b3657d0a0d7baf881d172ffbb9e201803eef1f38cd8ac0ed676ab7892bf148324d9b91baec6d5f7626c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dc7d888942907979aaeb26bacda60656
SHA1 01fd3aff2ada077c8f53c795e6fbb660c4658ef8
SHA256 7ebb0b202c64aa49427206565680f390d7ff749a39b5178cb979f0247b18f5e3
SHA512 e8bc4af46a92e4e58f946b48c652e47a4dc09ac15fd8c4126bc1b181622f01165e83d67b16ae78c10c6db619f70d120fd21c11c9fc9d4305f6f4f6087ff9b76b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 522f177891edbe5744cd9f574cc941c6
SHA1 25bc30e4ce4c029f311eef20bf79484f49e90c50
SHA256 0c7baf73c2b1fb99e63ec4c3ea56373e104fb5e1adc536d5b658cb61f285d6d5
SHA512 b1311bd3c4d7bc1b3f2b4263efdf8439661d60d59c4ee2a35781175f51d63217edc79921b74c7808b17f98dd6191684ea234b06542bda2a90eb6a2b7d71ef9f8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7c3e3dc7354f6a21dc60247cd39c4e46
SHA1 475989843ea9155a12e7a3d3e88122886d46b48b
SHA256 36135c579a74f8f5d939c506cb6b38afcec793ee1503c7ed13ffdfd907c537ff
SHA512 42d09c540df2f5a69207772b9225bb385a6ff012cfb5b875ae673c40756986d802f9ad10cfde7490d1e2fc68ad4168c32e8ebb36cee2131e9bbd715afb407363

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 28ec0ebb79f39b62251a844c6085ed29
SHA1 5bc40508ef2481acc31fb9b9e882087d4b4e962a
SHA256 dbb4e67281f5b04a6606ed45942cfd0134a837aaa7f8d2fae97d0793467990e3
SHA512 ac693e591dc80c13ddd19854c652644b96de62ccc5c29bb1e0dc07ea64f848601fee69e214515e5b6f41b4cfbabcca75f075cd9312075b0cac9f024644b14184

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 51b6599b36f349b0719e9a9fbdbb0c31
SHA1 73c4ed64807a9686bb531de0b572d908f082396d
SHA256 6fbe916720dd0cb78b39cda76b1075fb093650df6e29cabf8706c47f77179f0e
SHA512 2b9d552f20fbc890814a718b8d64c1e7a15ebeb5a09e2cfea3863f0485295ebe30a1104f703f4c8ed3a9005a5480aba227a35bba4173701e8d23ad7d2e3735ba

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 eb0976426a41c0cd2458b5c0cec83e17
SHA1 1af3a84e7293b30eb6c2eb377b7ef032d811cbf2
SHA256 0fa5a72c024f4456729e06db6dabf1cdecb21fdcdc9dfa250d5ba17ce4c5aa6e
SHA512 7caaa3bef952d62d2edf73e49d6c0b5f0b58a41859184ee12ac89cc4ad3cdd51224da5b8dd1f414c156a2ec0e9475b30954ea6586738b8601f26f9bf38cdd75e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 3a149888a4625991d12dd3abe53b417f
SHA1 f7eac5e316658917fac3ad70f8ab813d950c24d6
SHA256 14e959a1ff612616f8340176af13de413bcf7a743943475388e495947a9d0599
SHA512 72d982b82c576dbfc9cc706a2728adc459c7522339dfc4d445931e1fc6a174d0492ff59a8c8f9cf9da886a0e098ff74d217a9288b5129dc73241c70a77b03adc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d44f5483fcc2790ccdb227a12955e061
SHA1 9c14921a8e0d3142983cc3c456baadb4c25abda0
SHA256 387e8b65f90c4078f6aef7da936def40f24278af76e5db2b6119fb92717ceef7
SHA512 ba79066374fd81d106068b39a504287ac9c31121b0ea01817c49e430e2cb868ea8e5b0611cb40b890cc4a066689f5c08b17d5a400a7417f85e4877cd4ebaf4b4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8d005177aeed9fc0e490199c19c673ec
SHA1 0ce51b56f7955eda452bd22edf004d1211c19437
SHA256 32c1b3bf6a54e05543fa8a07b498e48b3334e90ed03cbe808007f037acd44f4d
SHA512 e8d6a1158b36c644ecf8c71de97bf6273544af01049cc6ee3cf50783cb860a685615b416b897baf6f11e188c613897cbe361a4f773f1b071b6b43e29fd2ede04

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3e08493a8bdac0417eb4be4cd9e13249
SHA1 db56eba549c8aac2be73e16788c113b5b557a9fd
SHA256 7326d2a6100d28fec2566c7ea842d3e3ffb7690db03b01786974c17fc2f04b13
SHA512 eaeae4ff8fb46b3dcc71233b1411de2a4795d71004fd539fff4d9371c33fa4def958c111c79affb57462129a4785103173bed83e246486f82b1571fb6e2bd76f

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\62159[1].htm

MD5 84855c13836b389d5ec7cfd4c9266173
SHA1 1cf3056ff23c4176fd7ca9816a000ed461d6d323
SHA256 502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
SHA512 2479112004884d42d4ffe1174dc358c5d1b0fa2b41641d32f2fb67539c4f834d63cfbbf7e98c63b9a64e49b26390c410bb7e50f1ad4a755f32d081367af05fcb

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\fastbutton[1].htm

MD5 4df07581948280a6e769a24c5d99d775
SHA1 843a2c95362347eb8894a6acb607f139be65ded4
SHA256 3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
SHA512 bfe455150379d9ec4303659ac16a5082e093ed248fa9d75276bda05287d8bd51c43aab5896826ca55ffee88dce281df359fed6d38395ac3e7cdb7b68c2d35e4a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7a429901f80bb3c4395f3f109adb3982
SHA1 1aef4fb93cc6588e3fb1120ca6a5470c374006a7
SHA256 dfe372603a5d8fe8291760a3d8a74638e2ed9acb42a3ccb7dfbeea36070b5c69
SHA512 c6984cafee43ed0fb66c22b57195d9646aba52be762b4950e775824ffb5a4811b7d44d5f1fd0e2e70c2ffc88318115f95482c6458fb70d93841d457c32034c9a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\navbar[1].htm

MD5 50e63e91eb56953075228cbf934c6ba4
SHA1 ea8ceb5ac0c236a9ae8dc3d4f6ed258a93477abe
SHA256 ef4912a3e9403178cd488394c36224b55659fdad30ce4ba6c870247ae7a201fd
SHA512 6cadbed78b1726102033a1fae1e6a46fc5f91598410b533baa0a32ea76d7f473fff718437c0ec5775793e0db2597fdcbe7edbb4e219dc4c29d031dd1b018f863

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\DKG63DI2.htm

MD5 211a6b2e4e6cd50f5035ee8fd9763172
SHA1 62e7007ed4adb7b805966661f1c3065fc0c473d1
SHA256 a7f9f10190b948cbe9d630eb092768834c322899fe26859c55aaeb1e5aa04773
SHA512 a1494755cad357640ab05cd1d0c0278e7af3b22e5ebdabf711f1e01104c8465a3eaffb570913064cbeb891be274cad65f35e36682cd91c35ba229b464370b5fe

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\errorPageStrings[1]

MD5 e3e4a98353f119b80b323302f26b78fa
SHA1 20ee35a370cdd3a8a7d04b506410300fd0a6a864
SHA256 9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66
SHA512 d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\httpErrorPagesScripts[2]

MD5 3f57b781cb3ef114dd0b665151571b7b
SHA1 ce6a63f996df3a1cccb81720e21204b825e0238c
SHA256 46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad
SHA512 8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\1[1].JPG

MD5 70ec9195053c7e3cf8ec98b78c4e0c78
SHA1 6e7e3c86b6f94704944f9c1b21658127d8aa73ca
SHA256 c629b2bee39a4532c353935d516e0138252ffe54a7b1c7cd7e27bfb36781d74b
SHA512 133c86b59a4b2cc28da45ccd7c6268d043aa8d950a089eeb4922a132a89eb06894bae3cb31524f32f730c24680bcbc0c538e01bc76fe12af5a4a5d8d08f4793d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\Idool[1].jpg

MD5 e57924d189e7747924e2ececadf5d91f
SHA1 9304d20b2381bfaf974b1712a58aa03ee76b4816
SHA256 ff99bb4813e541fa6b09c95e1a99ef8da29ae4fb16b0eec50299f53455026063
SHA512 84a8fee1de19cbf36895a4b55b7c4e56a655be4f42bb276135316c49af30f363dedbefdfa50a3e2f3ede1899e1c4aa9049b7da3b84046b222b9246cba80ebcdb

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\icon18_wrench_allbkg[1].png

MD5 f617effe6d96c15acfea8b2e8aae551f
SHA1 6d676af11ad2e84b620cce4d5992b657cb2d8ab6
SHA256 d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
SHA512 3189a6281ad065848afc700a47bea885cd3905dae11ccb28b88c81d3b28f73f4dfa2d5d1883bb9325dc7729a32aa29b7d1181ae5752df00f6931624b50571986

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\batas[1].gif

MD5 5b5bc61d7b5c90d91dd6a9e681481e2f
SHA1 773779311ddb80233f5700f60e4b675f96c9c0f3
SHA256 dbe40fa96687ac16e7d79ce7d0cada9b5fbda6a3021a79c0681e8396211c04a0
SHA512 e3d8144000a16673bd6f2a7bf9c2385047aae4f1aecaeacb32a505c6964a701b7dacfeb91f5e446f2630e2e670b66eaff98fa7de53132f6156487f640b8e896b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\share_buttons_20_3[1].png

MD5 ad9999106d5f550920b586e8e1704e5a
SHA1 93fd02c51166402a41f96509cd0ca3fb917877dd
SHA256 3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
SHA512 de6552632f76a64c26fc0f27cce741fbb383d60c62a4999a79023d3207b0fab754cc975b4988b3f65ce481791c434d18d427ce3d98d7838ad0ed05a1d8125519

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\arrow_right[1].gif

MD5 4f97031eaa2c107d45635065b8105dbb
SHA1 42bda037423c40045f7852bdace0e657dd94ecbf
SHA256 fb57165d255438328c270b4fd85a6873c65f61a6ba64eedcd2dbade61386edf4
SHA512 cee33327bc5f5f34aa392ab2ba3df755348f1279ec10cf18da4119f3a5884b5a4304228b8c0fa2d35b81ed166874efebaba1503d5685cd089ba5a4e86898b99d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\arrow_down[1].gif

MD5 3b2441ef107848e00feb754f18dfe880
SHA1 8098172ecdec9b8554172f028e91c7a30352bfde
SHA256 ebe34389aa08d8f4494fc8c0c7e8a90029e7092d9b857ca635fa493999716675
SHA512 6bd089121f9d60150ce194805e48ddca7e05337eda40413f0f7a9a4a7eb51ffb69ad04d1045b3a8bf9704c7e7bf6606703f1ccc431ad2f734fa4b3eff0072e54

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\mas-icons[1].png

MD5 f1d1d5333a3a267d6f8a93391b8a59cf
SHA1 de8e10b4ed6e79ac6af6048e0ffd2b1578a6cb0e
SHA256 d45b8c80dabfbb5bf5d14bfd232b35231dacc7ba6e93631557812eb99d852886
SHA512 f4bc7130406520e996796187c85d02bc05d52f7e66a85ebc0dfe03deb0c2ab176be791108c0f88d6cd19a305ca4714de53e2d3501556c8a952a056231f5466aa

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\blank[1].gif

MD5 325472601571f31e1bf00674c368d335
SHA1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
SHA512 717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\forbidframing[1]

MD5 5cd4ca3d0f819a2f671983a0692c6ddd
SHA1 bbd2807010e5ba10f26da2bfa0123944d9521c53
SHA256 916e48d15e96253e73408f0c85925463f3ee6da0c5600cb42dba50545c50133b
SHA512 4420b522cbe8931bba82b4b6f7e78737f3bb98fc61496826acb69cfff266d1ac911b84cb0aeeadd05bd893a5d85d52d51777ed3f62512c4786593689bf2df7f0

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\ErrorPageTemplate[1]

MD5 f4fe1cb77e758e1ba56b8a8ec20417c5
SHA1 f4eda06901edb98633a686b11d02f4925f827bf0
SHA256 8d018639281b33da8eb3ce0b21d11e1d414e59024c3689f92be8904eb5779b5f
SHA512 62514ab345b6648c5442200a8e9530dfb88a0355e262069e0a694289c39a4a1c06c6143e5961074bfac219949102a416c09733f24e8468984b96843dc222b436

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\red_x[1]

MD5 5f3c13a459a72438e42b2289c7af2034
SHA1 f43551be102cd1eb0b2e87dc24f980720194a56b
SHA256 a7a63ca1370cd6fc3470fa81bb1dcb21bce31b0048a36e5bce8914eeb88daab1
SHA512 14e82e281dc91ed57eab780279d167413185db3fa7be49fbdb4942888e7f4e30b1a0536b269258fb8c3975bcf2bc189b51aac4f70bf44887bc17506df6ecb507

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\bullet[1]

MD5 26f971d87ca00e23bd2d064524aef838
SHA1 7440beff2f4f8fabc9315608a13bf26cabad27d9
SHA256 1d8e5fd3c1fd384c0a7507e7283c7fe8f65015e521b84569132a7eabedc9d41d
SHA512 c62eb51be301bb96c80539d66a73cd17ca2021d5d816233853a37db72e04050271e581cc99652f3d8469b390003ca6c62dad2a9d57164c620b7777ae99aa1b15

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\background_gradient[1]

MD5 20f0110ed5e4e0d5384a496e4880139b
SHA1 51f5fc61d8bf19100df0f8aadaa57fcd9c086255
SHA256 1471693be91e53c2640fe7baeecbc624530b088444222d93f2815dfce1865d5b
SHA512 5f52c117e346111d99d3b642926139178a80b9ec03147c00e27f07aab47fe38e9319fe983444f3e0e36def1e86dd7c56c25e44b14efdc3f13b45ededa064db5a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\sslnavcancel[1]

MD5 7045df0a1c24e7aa975fbdea55f3efb6
SHA1 3e32770173913f12a4a5e808af8db02594ab63ab
SHA256 7791b6b3a3fdd539fd7730ae0c64843a657b30ffda9a00b9de8c36d28fc65135
SHA512 3e551d32ecc095c6fdbcfa6000981193a20949c9da0306ab0127aaf4bbb8a07643c96058ef5919ee5940630812abec80a9501d36550ebb72475ff0adbfd70bf7

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\dnserrordiagoff[1]

MD5 47f581b112d58eda23ea8b2e08cf0ff0
SHA1 6ec1df5eaec1439573aef0fb96dabfc953305e5b
SHA256 b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928
SHA512 187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\NewErrorPageTemplate[1]

MD5 cdf81e591d9cbfb47a7f97a2bcdb70b9
SHA1 8f12010dfaacdecad77b70a3e781c707cf328496
SHA256 204d95c6fb161368c795bb63e538fe0b11f9e406494bb5758b3b0d60c5f651bd
SHA512 977dcc2c6488acaf0e5970cef1a7a72c9f9dc6bb82da54f057e0853c8e939e4ab01b163eb7a5058e093a8bc44ecad9d06880fdc883e67e28ac67fee4d070a4cc

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-12 18:46

Reported

2024-06-12 18:48

Platform

win10v2004-20240226-en

Max time kernel

145s

Max time network

153s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3260 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3280 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4860 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5500 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5928 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=4564 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6076 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6168 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6308 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6864 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=6788 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 13.107.6.158:443 business.bing.com tcp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
GB 51.11.108.188:443 nav-edge.smartscreen.microsoft.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 1.bp.blogspot.com udp
US 8.8.8.8:53 1.bp.blogspot.com udp
US 8.8.8.8:53 3.bp.blogspot.com udp
US 8.8.8.8:53 3.bp.blogspot.com udp
GB 51.11.108.188:443 nav-edge.smartscreen.microsoft.com tcp
US 2.20.12.87:443 bzib.nelreports.net tcp
GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.178.9:443 www.blogger.com tcp
GB 2.21.189.233:443 www.microsoft.com tcp
US 151.101.194.137:80 code.jquery.com tcp
GB 142.250.178.10:80 ajax.googleapis.com tcp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
US 8.8.8.8:53 s7.addthis.com udp
US 8.8.8.8:53 s7.addthis.com udp
US 8.8.8.8:53 yourjavascript.com udp
US 8.8.8.8:53 yourjavascript.com udp
BE 104.68.81.91:80 s7.addthis.com tcp
US 13.248.169.48:80 yourjavascript.com tcp
US 8.8.8.8:53 188.108.11.51.in-addr.arpa udp
US 8.8.8.8:53 164.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 9.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 137.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 s7.addthis.com udp
US 8.8.8.8:53 87.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 s7.addthis.com udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
BE 104.68.81.91:443 s7.addthis.com tcp
US 8.8.8.8:53 www.microsoft.com udp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 player.tnaflix.com udp
US 8.8.8.8:53 player.tnaflix.com udp
US 8.8.8.8:53 player.tnaflix.com udp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
NL 77.247.179.166:80 player.tnaflix.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 8.8.8.8:53 player.tnaflix.com udp
US 8.8.8.8:53 player.tnaflix.com udp
US 8.8.8.8:53 player.tnaflix.com udp
NL 77.247.179.166:443 player.tnaflix.com tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 img1.blogblog.com udp
US 8.8.8.8:53 img1.blogblog.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
US 8.8.8.8:53 4.bp.blogspot.com udp
US 8.8.8.8:53 4.bp.blogspot.com udp
GB 142.250.178.9:443 img1.blogblog.com tcp
GB 142.250.178.9:443 img1.blogblog.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.178.9:443 img1.blogblog.com tcp
US 8.8.8.8:53 www.cebr.info udp
US 8.8.8.8:53 www.cebr.info udp
US 8.8.8.8:53 www.cebr.info udp
GB 172.217.16.238:443 apis.google.com udp
GB 172.217.16.238:443 apis.google.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 8.8.8.8:53 www.cebr.info udp
GB 142.250.200.2:445 pagead2.googlesyndication.com tcp
GB 142.250.180.1:80 4.bp.blogspot.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 233.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 91.81.68.104.in-addr.arpa udp
US 8.8.8.8:53 48.169.248.13.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 166.179.247.77.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 216.58.201.110:80 developers.google.com tcp
GB 216.58.201.110:80 developers.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.16.238:443 apis.google.com udp
GB 216.58.213.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 img.tnastatic.com udp
US 8.8.8.8:53 img.tnastatic.com udp
NL 185.59.222.20:443 img.tnastatic.com tcp
NL 185.59.222.20:443 img.tnastatic.com tcp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 217.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 20.222.59.185.in-addr.arpa udp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 8.8.8.8:53 twinrdsrv.com udp
US 8.8.8.8:53 cdn-fck.tnaflix.com udp
US 8.8.8.8:53 cdn-fck.tnaflix.com udp
US 172.66.43.59:443 twinrdsrv.com udp
NL 77.247.183.69:443 cdn-fck.tnaflix.com tcp
US 8.8.8.8:53 cacerts.geotrust.com udp
US 8.8.8.8:53 cacerts.geotrust.com udp
SE 192.229.221.95:80 cacerts.geotrust.com tcp
US 8.8.8.8:53 m3.twinredads.com udp
US 8.8.8.8:53 m3.twinredads.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 195.181.164.21:443 m3.twinredads.com tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 img.tnaflix.com udp
US 8.8.8.8:53 img.tnaflix.com udp
NL 185.59.222.20:443 img.tnaflix.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 resources.blogblog.com udp
GB 142.250.178.9:443 resources.blogblog.com tcp
US 8.8.8.8:53 59.43.66.172.in-addr.arpa udp
US 8.8.8.8:53 69.183.247.77.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 21.164.181.195.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.178.9:443 resources.blogblog.com tcp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
GB 216.58.204.66:139 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 developers.google.com udp
GB 216.58.201.110:443 developers.google.com tcp
US 8.8.8.8:53 23.159.190.20.in-addr.arpa udp
GB 96.16.110.114:80 tcp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 20.42.65.92:443 nw-umwatson.events.data.microsoft.com tcp
US 8.8.8.8:53 92.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:445 www.google.com tcp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 13.107.253.64:443 tcp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
NL 23.62.61.89:443 www.bing.com tcp
US 8.8.8.8:53 89.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 219.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 211.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 s7.addthis.com udp
US 8.8.8.8:53 s7.addthis.com udp
US 13.248.169.48:80 yourjavascript.com tcp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 player.tnaflix.com udp
US 8.8.8.8:53 img1.blogblog.com udp
US 8.8.8.8:53 img1.blogblog.com udp
US 8.8.8.8:53 player.tnaflix.com udp
GB 142.250.178.9:443 img1.blogblog.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.178.9:443 www.blogger.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 8.8.8.8:53 www.cebr.info udp
US 8.8.8.8:53 www.cebr.info udp
US 8.8.8.8:53 www.cebr.info udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 www.cebr.info udp
GB 142.250.200.2:445 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 img.tnastatic.com udp
US 8.8.8.8:53 img.tnastatic.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.blogger.com udp
GB 216.58.201.110:443 developers.google.com tcp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
GB 142.250.178.9:443 www.blogger.com udp
NL 77.247.183.69:443 cdn-fck.tnaflix.com tcp
US 172.66.43.59:443 twinrdsrv.com udp
US 172.66.43.59:443 twinrdsrv.com tcp
GB 172.217.16.238:443 apis.google.com udp
US 8.8.8.8:53 wmptpr.com udp
US 8.8.8.8:53 wmptpr.com udp
LU 93.93.51.189:443 wmptpr.com tcp
US 8.8.8.8:53 galleryn2.vcmdiawe.com udp
US 8.8.8.8:53 galleryn2.vcmdiawe.com udp
LU 93.93.51.190:443 galleryn2.vcmdiawe.com tcp
US 8.8.8.8:53 189.51.93.93.in-addr.arpa udp
US 8.8.8.8:53 190.51.93.93.in-addr.arpa udp
GB 142.250.200.2:139 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 31.243.111.52.in-addr.arpa udp
GB 142.250.187.196:445 www.google.com tcp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 142.250.200.42:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
NL 23.62.61.72:443 www.bing.com tcp
US 8.8.8.8:53 72.61.62.23.in-addr.arpa udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 205.201.50.20.in-addr.arpa udp

Files

N/A