Analysis Overview
SHA256
c4a5011419179d17e3ea879f4f8c0afb398d134e38744484de7e034fc3e6f395
Threat Level: No (potentially) malicious behavior was detected
The file a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-12 18:46
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 18:46
Reported
2024-06-12 18:48
Platform
win7-20240221-en
Max time kernel
143s
Max time network
141s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0eb41dcf8bcda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424379830" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{04684D41-28EC-11EF-9891-EEF45767FDFF} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 2080 wrote to memory of 2884 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2080 wrote to memory of 2884 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2080 wrote to memory of 2884 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2080 wrote to memory of 2884 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2
Network
Files
| MD5 | 50e63e91eb56953075228cbf934c6ba4 |
| SHA1 | ea8ceb5ac0c236a9ae8dc3d4f6ed258a93477abe |
| SHA256 | ef4912a3e9403178cd488394c36224b55659fdad30ce4ba6c870247ae7a201fd |
| SHA512 | 6cadbed78b1726102033a1fae1e6a46fc5f91598410b533baa0a32ea76d7f473fff718437c0ec5775793e0db2597fdcbe7edbb4e219dc4c29d031dd1b018f863 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\DKG63DI2.htm
| MD5 | 211a6b2e4e6cd50f5035ee8fd9763172 |
| SHA1 | 62e7007ed4adb7b805966661f1c3065fc0c473d1 |
| SHA256 | a7f9f10190b948cbe9d630eb092768834c322899fe26859c55aaeb1e5aa04773 |
| SHA512 | a1494755cad357640ab05cd1d0c0278e7af3b22e5ebdabf711f1e01104c8465a3eaffb570913064cbeb891be274cad65f35e36682cd91c35ba229b464370b5fe |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\errorPageStrings[1]
| MD5 | e3e4a98353f119b80b323302f26b78fa |
| SHA1 | 20ee35a370cdd3a8a7d04b506410300fd0a6a864 |
| SHA256 | 9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66 |
| SHA512 | d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\httpErrorPagesScripts[2]
| MD5 | 3f57b781cb3ef114dd0b665151571b7b |
| SHA1 | ce6a63f996df3a1cccb81720e21204b825e0238c |
| SHA256 | 46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad |
| SHA512 | 8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\1[1].JPG
| MD5 | 70ec9195053c7e3cf8ec98b78c4e0c78 |
| SHA1 | 6e7e3c86b6f94704944f9c1b21658127d8aa73ca |
| SHA256 | c629b2bee39a4532c353935d516e0138252ffe54a7b1c7cd7e27bfb36781d74b |
| SHA512 | 133c86b59a4b2cc28da45ccd7c6268d043aa8d950a089eeb4922a132a89eb06894bae3cb31524f32f730c24680bcbc0c538e01bc76fe12af5a4a5d8d08f4793d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\Idool[1].jpg
| MD5 | e57924d189e7747924e2ececadf5d91f |
| SHA1 | 9304d20b2381bfaf974b1712a58aa03ee76b4816 |
| SHA256 | ff99bb4813e541fa6b09c95e1a99ef8da29ae4fb16b0eec50299f53455026063 |
| SHA512 | 84a8fee1de19cbf36895a4b55b7c4e56a655be4f42bb276135316c49af30f363dedbefdfa50a3e2f3ede1899e1c4aa9049b7da3b84046b222b9246cba80ebcdb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\icon18_wrench_allbkg[1].png
| MD5 | f617effe6d96c15acfea8b2e8aae551f |
| SHA1 | 6d676af11ad2e84b620cce4d5992b657cb2d8ab6 |
| SHA256 | d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b |
| SHA512 | 3189a6281ad065848afc700a47bea885cd3905dae11ccb28b88c81d3b28f73f4dfa2d5d1883bb9325dc7729a32aa29b7d1181ae5752df00f6931624b50571986 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\batas[1].gif
| MD5 | 5b5bc61d7b5c90d91dd6a9e681481e2f |
| SHA1 | 773779311ddb80233f5700f60e4b675f96c9c0f3 |
| SHA256 | dbe40fa96687ac16e7d79ce7d0cada9b5fbda6a3021a79c0681e8396211c04a0 |
| SHA512 | e3d8144000a16673bd6f2a7bf9c2385047aae4f1aecaeacb32a505c6964a701b7dacfeb91f5e446f2630e2e670b66eaff98fa7de53132f6156487f640b8e896b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\share_buttons_20_3[1].png
| MD5 | ad9999106d5f550920b586e8e1704e5a |
| SHA1 | 93fd02c51166402a41f96509cd0ca3fb917877dd |
| SHA256 | 3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3 |
| SHA512 | de6552632f76a64c26fc0f27cce741fbb383d60c62a4999a79023d3207b0fab754cc975b4988b3f65ce481791c434d18d427ce3d98d7838ad0ed05a1d8125519 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\arrow_right[1].gif
| MD5 | 4f97031eaa2c107d45635065b8105dbb |
| SHA1 | 42bda037423c40045f7852bdace0e657dd94ecbf |
| SHA256 | fb57165d255438328c270b4fd85a6873c65f61a6ba64eedcd2dbade61386edf4 |
| SHA512 | cee33327bc5f5f34aa392ab2ba3df755348f1279ec10cf18da4119f3a5884b5a4304228b8c0fa2d35b81ed166874efebaba1503d5685cd089ba5a4e86898b99d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\arrow_down[1].gif
| MD5 | 3b2441ef107848e00feb754f18dfe880 |
| SHA1 | 8098172ecdec9b8554172f028e91c7a30352bfde |
| SHA256 | ebe34389aa08d8f4494fc8c0c7e8a90029e7092d9b857ca635fa493999716675 |
| SHA512 | 6bd089121f9d60150ce194805e48ddca7e05337eda40413f0f7a9a4a7eb51ffb69ad04d1045b3a8bf9704c7e7bf6606703f1ccc431ad2f734fa4b3eff0072e54 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\mas-icons[1].png
| MD5 | f1d1d5333a3a267d6f8a93391b8a59cf |
| SHA1 | de8e10b4ed6e79ac6af6048e0ffd2b1578a6cb0e |
| SHA256 | d45b8c80dabfbb5bf5d14bfd232b35231dacc7ba6e93631557812eb99d852886 |
| SHA512 | f4bc7130406520e996796187c85d02bc05d52f7e66a85ebc0dfe03deb0c2ab176be791108c0f88d6cd19a305ca4714de53e2d3501556c8a952a056231f5466aa |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\blank[1].gif
| MD5 | 325472601571f31e1bf00674c368d335 |
| SHA1 | 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a |
| SHA256 | b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b |
| SHA512 | 717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\forbidframing[1]
| MD5 | 5cd4ca3d0f819a2f671983a0692c6ddd |
| SHA1 | bbd2807010e5ba10f26da2bfa0123944d9521c53 |
| SHA256 | 916e48d15e96253e73408f0c85925463f3ee6da0c5600cb42dba50545c50133b |
| SHA512 | 4420b522cbe8931bba82b4b6f7e78737f3bb98fc61496826acb69cfff266d1ac911b84cb0aeeadd05bd893a5d85d52d51777ed3f62512c4786593689bf2df7f0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\ErrorPageTemplate[1]
| MD5 | f4fe1cb77e758e1ba56b8a8ec20417c5 |
| SHA1 | f4eda06901edb98633a686b11d02f4925f827bf0 |
| SHA256 | 8d018639281b33da8eb3ce0b21d11e1d414e59024c3689f92be8904eb5779b5f |
| SHA512 | 62514ab345b6648c5442200a8e9530dfb88a0355e262069e0a694289c39a4a1c06c6143e5961074bfac219949102a416c09733f24e8468984b96843dc222b436 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\red_x[1]
| MD5 | 5f3c13a459a72438e42b2289c7af2034 |
| SHA1 | f43551be102cd1eb0b2e87dc24f980720194a56b |
| SHA256 | a7a63ca1370cd6fc3470fa81bb1dcb21bce31b0048a36e5bce8914eeb88daab1 |
| SHA512 | 14e82e281dc91ed57eab780279d167413185db3fa7be49fbdb4942888e7f4e30b1a0536b269258fb8c3975bcf2bc189b51aac4f70bf44887bc17506df6ecb507 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\bullet[1]
| MD5 | 26f971d87ca00e23bd2d064524aef838 |
| SHA1 | 7440beff2f4f8fabc9315608a13bf26cabad27d9 |
| SHA256 | 1d8e5fd3c1fd384c0a7507e7283c7fe8f65015e521b84569132a7eabedc9d41d |
| SHA512 | c62eb51be301bb96c80539d66a73cd17ca2021d5d816233853a37db72e04050271e581cc99652f3d8469b390003ca6c62dad2a9d57164c620b7777ae99aa1b15 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\background_gradient[1]
| MD5 | 20f0110ed5e4e0d5384a496e4880139b |
| SHA1 | 51f5fc61d8bf19100df0f8aadaa57fcd9c086255 |
| SHA256 | 1471693be91e53c2640fe7baeecbc624530b088444222d93f2815dfce1865d5b |
| SHA512 | 5f52c117e346111d99d3b642926139178a80b9ec03147c00e27f07aab47fe38e9319fe983444f3e0e36def1e86dd7c56c25e44b14efdc3f13b45ededa064db5a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\sslnavcancel[1]
| MD5 | 7045df0a1c24e7aa975fbdea55f3efb6 |
| SHA1 | 3e32770173913f12a4a5e808af8db02594ab63ab |
| SHA256 | 7791b6b3a3fdd539fd7730ae0c64843a657b30ffda9a00b9de8c36d28fc65135 |
| SHA512 | 3e551d32ecc095c6fdbcfa6000981193a20949c9da0306ab0127aaf4bbb8a07643c96058ef5919ee5940630812abec80a9501d36550ebb72475ff0adbfd70bf7 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\dnserrordiagoff[1]
| MD5 | 47f581b112d58eda23ea8b2e08cf0ff0 |
| SHA1 | 6ec1df5eaec1439573aef0fb96dabfc953305e5b |
| SHA256 | b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928 |
| SHA512 | 187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\NewErrorPageTemplate[1]
| MD5 | cdf81e591d9cbfb47a7f97a2bcdb70b9 |
| SHA1 | 8f12010dfaacdecad77b70a3e781c707cf328496 |
| SHA256 | 204d95c6fb161368c795bb63e538fe0b11f9e406494bb5758b3b0d60c5f651bd |
| SHA512 | 977dcc2c6488acaf0e5970cef1a7a72c9f9dc6bb82da54f057e0853c8e939e4ab01b163eb7a5058e093a8bc44ecad9d06880fdc883e67e28ac67fee4d070a4cc |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 18:46
Reported
2024-06-12 18:48
Platform
win10v2004-20240226-en
Max time kernel
145s
Max time network
153s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a1d027ccb2ab05e7d670e41eb040e078_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3260 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3280 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4860 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5500 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5928 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=4564 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6076 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6168 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6308 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6864 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=6788 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1
Network