Analysis Overview
SHA256
ada110c7f8aedf9a272a72cd4fdbe55f04ad80d25cf16dbbce6470b4cea1df36
Threat Level: No (potentially) malicious behavior was detected
The file a6a9c4892f53bdd58934624507d78861_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 21:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 21:32
Reported
2024-06-13 21:34
Platform
win7-20240611-en
Max time kernel
127s
Max time network
140s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424476209" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6AC42F61-29CC-11EF-A381-7EE57A38E3C7} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006fb3d087c4ee9c4bb22550fd83a03905000000000200000000001066000000010000200000001f6dc3b34ea80530c6d8240a72120d2eef38b65af5a1e9823af1aecec17ee99d000000000e80000000020000200000004ca37facfbfd795479713d6bbe65e7bfb4e7ccb16a39c8f780dcea7ed32e950120000000dae74f6348c6d33a4561772c51acfea7694e1b9da78ae25dfbe9e3b3d8c8ba5040000000eadca081b631314b4584ba24472f4c6c8cee7036c6252e9b0e4a449c6483187f6398e03708bc61a778fd0a09e8fb85d0437c86c1c19e62837681dc38e01a0083 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006fb3d087c4ee9c4bb22550fd83a039050000000002000000000010660000000100002000000073e0d46f6e4f3b73f9e722fed3d19e7e05f3c98264b0d231c99e9cf705e07e65000000000e80000000020000200000009af6052258e039c72efd2091c2d3265177e85252417042a2b089e508bf2838a2900000009bf54f5400d6c78b43a540c9e55b906d66a216473bf778086f12bac0847e542217defc96580ebf1c2e21e4370c30216d63dab7c56ca97447475103c2839f51161242293da0918574630a0fbb8b17d6a461c310ebda9fced0cd8b83b3a21f4dd303663a1d44c0441ae9e61185f7b8a59a33860d631637a75a7f0e048fe5e259acaee4de7d31d858f71d6d60e57b1ffa8b40000000fb2ae1d08a7a1f2e94edfd637bcf236f792cbc51667f79bbc75313817590c9c46d3191a1ea069ac42ed6541c5cae8a18f1f85dee94883693ddbd233efb7fef92 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 70e7a543d9bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1340930862-1405011213-2821322012-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2788 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2788 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2788 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2788 wrote to memory of 2620 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6a9c4892f53bdd58934624507d78861_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2788 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | w.sharethis.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | feedjit.com | udp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | bdv.bidvertiser.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| BG | 18.244.87.45:80 | w.sharethis.com | tcp |
| GB | 216.58.204.74:80 | fonts.googleapis.com | tcp |
| GB | 142.250.178.9:80 | img2.blogblog.com | tcp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| GB | 142.250.178.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.178.9:443 | img2.blogblog.com | tcp |
| US | 54.241.51.109:80 | bdv.bidvertiser.com | tcp |
| BG | 18.244.87.45:80 | w.sharethis.com | tcp |
| GB | 142.250.178.9:80 | img2.blogblog.com | tcp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| GB | 216.58.204.74:80 | fonts.googleapis.com | tcp |
| US | 54.241.51.109:80 | bdv.bidvertiser.com | tcp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| GB | 142.250.178.9:443 | img2.blogblog.com | tcp |
| GB | 216.58.204.74:80 | fonts.googleapis.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| GB | 142.250.178.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| GB | 142.250.178.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.178.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| BG | 18.244.87.45:443 | w.sharethis.com | tcp |
| BG | 18.244.87.45:443 | w.sharethis.com | tcp |
| BG | 18.244.87.45:443 | w.sharethis.com | tcp |
| BG | 18.244.87.45:443 | w.sharethis.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| US | 8.8.8.8:53 | trendwallpaper.com | udp |
| GB | 142.250.180.1:80 | 4.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| GB | 142.250.180.1:80 | 2.bp.blogspot.com | tcp |
| GB | 142.250.180.1:80 | 2.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 157.240.221.35:80 | www.facebook.com | tcp |
| GB | 157.240.221.35:80 | www.facebook.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | divine-music.info | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 76.223.67.189:80 | divine-music.info | tcp |
| US | 76.223.67.189:80 | divine-music.info | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| GB | 216.58.201.110:80 | developers.google.com | tcp |
| GB | 216.58.201.110:80 | developers.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.213.3:443 | ssl.gstatic.com | tcp |
| GB | 216.58.213.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| GB | 216.58.201.110:443 | developers.google.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | bf644c90dad16a56065352f2224401fd |
| SHA1 | 9923dff056c636e7e2b2b29934fb9277b964de86 |
| SHA256 | e3b610045f59737e948b5163d5c7dad6e8df447491897a7a6a51383639d10271 |
| SHA512 | 21a8d18a949268518df7cc77e153e51cef74213fcdfb25522348b83ec0daa3a484a05f1b48dc89e405bb559fb9283faf9aef6abd288479a74732060f3c674b85 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | a08991b3b3149042115bebb75a76ccc0 |
| SHA1 | 4f1a11c57b43422713fcb9c7af450a3a547ad11d |
| SHA256 | 827224a17beecdd911e49e0f09ab9665246f781744d1241545d6aefe2e67c788 |
| SHA512 | dc3f8319b0a7ab3e3a37447cdd60b3772bbb5e73cd44e9e58c2ad979dcd68f48f675c8a0a2626e9d3af5d4c664a9dcc52b786b69946236d8f89d12371d987fac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | 6558ba5114e14fc59215fb83e0f54ca0 |
| SHA1 | 9c2b7a948835b0351bcdee64f2567276ad098bc5 |
| SHA256 | 375713d122b1699d572bca50584ad6d497b0f7da13f538a8202f1d377d970a5a |
| SHA512 | fceed4068af08ab1bf816e7b8a474a7fc22a93ebbd8fc23687c9906957c625d022ad524fcf0e849b136dc7dc09404a96fe610476500859989ed57fd7041dffed |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DACC52A1882A05AED14688828CFAE295
| MD5 | 68108c40d707f51a981c663695a6f3f1 |
| SHA1 | c9babc19feaea2578a5e78341826f1922f2d2312 |
| SHA256 | 914faab32ddeadd4bbb6431ceab83c1ab2b6c2683dc9e9f7887649544f86e042 |
| SHA512 | c5b3f1706fe7ca4e1c70145bc63168c041bdcb5ebc4c091f53a26fa49a85cef213196e383b8ada37e74d5abd855fea93805a371566444159ca1f7fba88c9e928 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DACC52A1882A05AED14688828CFAE295
| MD5 | 9f1eafc97d92e17b9a009b6d397734a7 |
| SHA1 | e8e803a6e7f0c7c9c5d4be71724c81f82f160a96 |
| SHA256 | 0690c5bc044e37ad93117d42e22b2c3df4006ac69924154e4ed4ad12142cf385 |
| SHA512 | ddd20b867d87754383b1ef2983b21fc1113db6134ed0acddbbbdfaa379524bf1b7a2b043737cc322dca82910e1cdb06324dc0eff2285ecb777f84cb24fe5924a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DACC52A1882A05AED14688828CFAE295
| MD5 | 7b1741c1b825eb84417708afe78f926a |
| SHA1 | 038bff19848caada3c89c839eb0772e666e87092 |
| SHA256 | 1e645ef6cde8e774d2958f4e2988ff3470be621f24ce874c929426fdde8a22bf |
| SHA512 | aef01e0fb5a52894b90bba998a9033e14edf4ad2dac1a329a5a13709a9157fde4e6c56cc5504bda373ee2efd1191ede0c4529072910dd8a7550ee16069094da8 |
C:\Users\Admin\AppData\Local\Temp\Tar3B51.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\Local\Temp\Cab3B4F.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 064b101fb6f503ce384d903654101eea |
| SHA1 | 500baaf88be4e088257ba9fce60638fa9dcdfffd |
| SHA256 | 46c052a8fcf0b1453af72ba591afab806fbeea46df4103830f596ca8c60e380d |
| SHA512 | a7b0ddaba34542ca186b4a0c817ce69431ba2cb918ff5e88abc501c8c95796e4a6f4e9eb06d3697ce40f47a70b21ff23063ab10c2e1dacae758417e6b7792050 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cd4165cf3502824cb303a12ef6a8fb6b |
| SHA1 | e751318c0914a2d13144e3e27618e46284430523 |
| SHA256 | af4b86a423c1a4c43a8a9e8a6483f3d8bde5c71eb5d369b9bebb1d72886c7d88 |
| SHA512 | 52eb95d9c54a152b77786904f635f3ae241ab834850ead99c6190095513d246565ac5b8b187fecd88c7f9f3aa4032082bbdae29a101dbb391f80aad44e3fc8b5 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M0DW1CQS\cb=gapi[1].js
| MD5 | 0fe383a7ddb9bbaefc3105b3297f5583 |
| SHA1 | f80c9d789f251909c7560bd91a9e1b9a10c26362 |
| SHA256 | d7ad4aad4e48174c30ef21fc32c9380659d2c99a5c39680e10ed9752139d8683 |
| SHA512 | 31de1f59377bc76e5d602d02273867ce750bbbccb7edc8f2803c0188002ecae6752ac3ec31c2108e64b0d871b01e6a8a06711969dc68bd9823303def0e7c1ee4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7812bf194b75650d0918f792c2120b20 |
| SHA1 | af6a1486b1653a5508aef5cbba95552d29cf746b |
| SHA256 | f81bb91b5f42c64e43c74330b302edf7237b8f4775cdf41a35ad27dcb71431e6 |
| SHA512 | c36ae79af1b2202767fcbd3cb7e0ae9a4875afc86dc448875a222dbdc1945792fba5b23c191ebe187b2682e515a088120f304cd9d0ce9254b61c68ee0adf9412 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b7cc8430eb13fb028eff3f721d1b1111 |
| SHA1 | 30edfff488f427690ccfa7d5dcccd027ce898dd2 |
| SHA256 | 121588967cabebe114ac8e72f6fcfe3861b6f20e85eed64c9681993c9d06a2fd |
| SHA512 | 94e0e3968ee809eb18a8c248acb9daed251c6a61a73caa42645e6ff45fa14d08c7ebb44fd1da343332159c1acfb3c96a59df3f638519a013e30123de117df42e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 075b473489f20dd6c88744a5e323bd22 |
| SHA1 | 178b013ce40e793b4a8fb907bb312357d8491d9d |
| SHA256 | 67be610643abe4db283568e781d60436c2cf05f24f8189f7c4dd8632c9789c89 |
| SHA512 | f99a7dc4ee7d9ea03f886f7016de469382c177b5eaca33f2d4bfca0ac2d678e7bd70a018c6f8f22dbcaedb7090781e7e301ce02f317bda345b4f017aa1fc4274 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | af311595253f500237ca9de526d95b52 |
| SHA1 | 83de82ee37087dd1803620cfa65766e2a6254ea6 |
| SHA256 | f6acc516aba10257c51af22b1986aa98d76a3930db36efa7ebdc5a50fbaa70d7 |
| SHA512 | d9d7a213b0a59c0d370f31567b8554953d59fc7b5f3e344ab67302610f6e848c1e5c807597f0a107a14c3e1ce0da2d26c83c56f3f55d3c266c2c37f8382f1afa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8c59c45d6a495576d1be31cd84c19cdf |
| SHA1 | c514479f0a98046b64d83532bee2d80730bfff59 |
| SHA256 | fabf564dfcd5477354e60ddb98f8df4e65a564e7b7d318d7cd11f62ffc5269c5 |
| SHA512 | 4aea8a4ec66ffac1e832f9c3ebed45181edca623bc0648a746ec36fd6efd4bc25fa74c96c58422a39790648ddd9b025bdbb2499e784093de1d41da7daaadfb7d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c748ad3242fd23679b7f7d4c13e0b6a1 |
| SHA1 | cc5605bcdf4e4b4518691d26cd23c458b349c19a |
| SHA256 | dacecf2c91db12cdf55f592e6f00c396ae690093e75c14d99d855a3a5aa410aa |
| SHA512 | 6a1c0dac758cb89ff31b2f0b76d0056ee43777a55f183cd342ed1bfc4b6719dbe8a4e48b6d425cbea623184dac3640c0e0d5a7d14eab7c75d06ab8bb63ff6942 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8595983677c4b8797dddebd0bfd49876 |
| SHA1 | 57f8be279c6e8c141b78b2e9c707d4152dc6644d |
| SHA256 | b7358a89d348798f87ce3a8d7bb17742e110a29fe0427dc1bc673c8413aacf0e |
| SHA512 | daaf8ccd8665d08f258406f6307816eafbf393064aac6c9d3215945b2b53d547d70988c0c47e6894b427285f685365435154da3929f85d9dec1cba922214d6e1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cf1c7b33e67ec82b416bd9a6bd5a2a00 |
| SHA1 | 2acf513c0698b78a916cfe6c4551fda01a3b588c |
| SHA256 | ad7043ddd05acc684ce63c245e8779ca375018ca3eb7785238dc413cf8797de2 |
| SHA512 | a432a55a5a7501c610db05b4a7741000fdc38c45d35d284841405561c29b8e27841c4d58ea606a7831dd27058134ea038be2c8c70aeb4012194d2b3666d3b710 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3644fe319b578a69506b5fb91e570740 |
| SHA1 | 6dedb7ae0790859cc83e217266b1c333b198e2b3 |
| SHA256 | e33eaa65a4d2e5a5652ff15d0eae1853ac6700ea0b204faf4bb1436ec4b0d737 |
| SHA512 | 658d74ca8916638c8811d933f75e50d23e1981c247e3a89825aaa373678918345e3bac63653be6545fc7e4b2c97228ddd93b476a8c8ee12229ddf654c03709ba |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e99d2ad1ac2fb6cadd5667308eab6dff |
| SHA1 | 6baac5ded4e9e397e37e2554a463d1dd9f318d79 |
| SHA256 | 93e072666f4b22cf9aa0ef080a972e7b211631cc7161243920aa2c881f4c8029 |
| SHA512 | a2844bb19c4af574dd7f79f434fef9b09edc3276e1ca82c6be84d24ca69d919a78d8253befdd70ea233545222184cec3b39633b61a87dc076044a2a3d0b5283b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a0755ae5e9d2f687b7632824e2efe502 |
| SHA1 | 3d5ad3f4fd9fc6145e1c1d5da6ad805188f1745d |
| SHA256 | 91a43a9d068e48a02850c393d3ab7bed795a38cdf0db7176529d2cdbe6b5b759 |
| SHA512 | b04cea5dca5d4445379395e5ce79711d9da6dcbdb0dea7c0d9a896e542663d981d4ee289d8e72b3fedb6e2aecefb1759551bbe21f1b3b9fbdbf4531f4873671c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5b479ca4f41aaaad45ff1e7a06a749ea |
| SHA1 | 6789da15eca91529e4d768c1cd484a0d8a940d48 |
| SHA256 | baa74c318c239df095d6284f88cdb551f55fa347ed4fea53291d962db457f82a |
| SHA512 | 96d6b39b494ff441231d10d0fa9f838aac592041f777e9d1dd5e95826e23f7a6961d087bb99419a96455e4ba4afddcb7e782b9376f9784d1502f84350fdf04e4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8183a68054c4c91f7ea969f04f669b34 |
| SHA1 | 8185f4b12659010033db2c4a0767792d82c8f697 |
| SHA256 | 47d422351ef0a5af9c30697c13e8f087c2fd556d81efe5dbe02401e452bdf2b4 |
| SHA512 | 475e1436368c835a564eff3ac35b98b77b74570cf90f03c74330ee09daa82eb096daec5b2858538eeda6ecff35d89719f8d2e57fad9189628bfaf4872c91b226 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 476b8054f40b1f539b7e548b83e1b0f5 |
| SHA1 | a1bc1f318a1173d0efcdda5e2dcc2c4c57e0679d |
| SHA256 | 2af40e15b2a408d10fe54dc60b499ae50b08e03029eaa08c7a360c34034db3bc |
| SHA512 | d44339d8708c2ed0a912379fa6303c71b3a3ac8fbf1095bd8fcb416bbfa0a75b9b7903940fc1e1b8ebe6a7db1038fd442d8ad642f4296b19d2e67dca2056b3bf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 36d90d00c6cd39cbd5dc8f004915b938 |
| SHA1 | 382761eb0fcfd1515521d574e911e62ad319facb |
| SHA256 | 8749c240fb9b71478d05a5b6758003e46aed5652306d8a2bfdfc5e755bcf65db |
| SHA512 | 6aa5983641d85a6dfa94e3dac471c7bdf1b66afe0960102313d23d537c76ee0fd30806f5503dc294ad93a5e0bfee2c97d71a70d7efc39e033de2179227fa837b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e5114000b1d0b56aca2681f1bff82893 |
| SHA1 | f0e590ddf460874227be388db63461015d714993 |
| SHA256 | 8a5f18447c97e5a1cf51a5f856ea5dd8e90659015fa64978be2358375e17afa7 |
| SHA512 | 1ec31790ab85c2d4ccbed53141a0700cca6d1a8c92cce28916cf0cfad9fca081372a8a5c609d264c72f3b1b21e456e97ac44139faa67aed2b45a021c0e809310 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 07d25bfaaed0d8578050a1eee18c5bc6 |
| SHA1 | c94f51e8bbf88397bda936dca0f700632d0dc8f7 |
| SHA256 | f56f68b8dc1faf001ba768dc0c782540878163c9a8d2e7850b5b1294623ae1c3 |
| SHA512 | 145aa1db5bac559e0b958ea85da02e1ede5dd9d4beb22770ffcb907b2b046cccb875b6bf77be6d24bf061b8ad46f19a20895922180ecde8da59b14970a1a4aa3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5bcc0c11965b1d6e03bea2538ecd1db4 |
| SHA1 | f7626f8405622a32b824a8214bab6ca33c9c55d9 |
| SHA256 | 72f71de761eb1dfb9c067d2e5ea8ad4733783098947d858f11df38d151ebba61 |
| SHA512 | 1bb106e87221025badadf45a43a612f1d591bf82145bb698c8fb35dfb5b923100fb23520e50f2bf39d8d94c1e47a9b7dc5c063184719c6c613ae671cb09e7514 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a89ce0f1d1e1b108a87cd083d8992a77 |
| SHA1 | 873cc06384e7879d4b7caf5c7eb314cfb8754d4f |
| SHA256 | e6dc2278937112b917966b319909a1c33e9beeaae3b2376bceb9e5894cbb9994 |
| SHA512 | 6d7ddb9d542273b27c28e90115524e2398a0fe2be0db4b067ea5a58a8cf179dea72bfe12200c21a0f3022861a41550296aa7c383fe5170d0323ef42324e483b0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3d83879002b30ab3e30c09e2802ee3f9 |
| SHA1 | d7a39e369a34424f032d4907d602fbc79851a147 |
| SHA256 | 118774ac2ac43ed0722d9af69a75c828c90230ef69a7db66a8d002e5ddd4328b |
| SHA512 | be05fc44cf2d4f258b1910e0baa5a7a59a67940121e4e99c2a14e5e0e314ffb559c563aebd06e69ace0039c397e239f71bc3a7546c1234553bed913d582a3ced |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DODQ7AEY\3604799710-postmessagerelay[1].js
| MD5 | 40aaadf2a7451d276b940cddefb2d0ed |
| SHA1 | b2fc8129a4f5e5a0c8cb631218f40a4230444d9e |
| SHA256 | 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2 |
| SHA512 | 6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJARS8CM\rpc_shindig_random[1].js
| MD5 | 6a90a8e611705b6e5953757cc549ce8c |
| SHA1 | 3e7416db7afe4cfdf3980daba308df560b4bede6 |
| SHA256 | 51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679 |
| SHA512 | 583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 21:32
Reported
2024-06-13 21:34
Platform
win10v2004-20240508-en
Max time kernel
147s
Max time network
151s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a6a9c4892f53bdd58934624507d78861_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3756,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=4328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3892,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=4124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5272,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5344,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5444 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5424,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5496 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5276,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=3908,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=6384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6196,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=4760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --field-trial-handle=4580,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=6644,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=6596 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | w.sharethis.com | udp |
| US | 8.8.8.8:53 | w.sharethis.com | udp |
| US | 8.8.8.8:53 | feedjit.com | udp |
| US | 8.8.8.8:53 | feedjit.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | w.sharethis.com | udp |
| US | 8.8.8.8:53 | w.sharethis.com | udp |
| US | 8.8.8.8:53 | feedjit.com | udp |
| US | 8.8.8.8:53 | feedjit.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | w.sharethis.com | udp |
| US | 8.8.8.8:53 | feedjit.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | bdv.bidvertiser.com | udp |
| US | 8.8.8.8:53 | bdv.bidvertiser.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | bdv.bidvertiser.com | udp |
| US | 8.8.8.8:53 | bdv.bidvertiser.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | bdv.bidvertiser.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | trendwallpaper.com | udp |
| US | 8.8.8.8:53 | trendwallpaper.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | trendwallpaper.com | udp |
| US | 8.8.8.8:53 | trendwallpaper.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |