Analysis Overview
SHA256: 8bca2ebf798c6119722b329b03f066d40c08c7cdb774e811b946a665b24f2223
Threat Level: No (potentially) malicious behavior was detected
The file a6ab4ee8638135d371774d000c4f52da_JaffaCakes118 was analyzed and no (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-13 21:33
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-13 21:33
Reported: 2024-06-13 21:36
Platform: win7-20240611-en
Max time kernel: 117s
Max time network: 143s
Command Line
Signatures
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2200 wrote to memory of 2388 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6ab4ee8638135d371774d000c4f52da_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2200 CREDAT:275457 /prefetch:2
Network
Files
| SHA1 | eed2c6c06f6d182b904788dbc1f1686e979bee44 |
| SHA256 | 47d29ea2374915cf8f925c84dfc967b547fe92bb7125010f7c377377a4db0674 |
| SHA512 | 5686063feff6decf1be547c8aee12cdbb2215c282d2050103e9063c2eab81d1872eb0d8fc4ab025db0f7272f4af249a35592f0fa4b6ae151ffbe08571624b8e9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 3f82575b122617eac3575dafb2b92847 |
| SHA1 | d61743e324cb275e4a83ae07813ff1a27ee11b56 |
| SHA256 | c8dff54bd576c2098c1497020f1ae9d43c647438263b01bd137958b93bc725b9 |
| SHA512 | fd51e2303a89794ff6cc338ef2331415501c7c088529199d972ae36595f93b4c696e743c7680afbebde64518f25f23ae2ed69c7042dfaf299c1fa07087227ef1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | d567255972611a06c2c92031ea7714a2 |
| SHA1 | 30fd4aff6870d8a2abc3092a6eed5f099f1a7bce |
| SHA256 | d7c413329ec8c1b0fa43e5d2c08eea096c33494fb06e0fedccb4cad887dfdd89 |
| SHA512 | 9bcb26f1b381a7488815877c87b3b12b5ffe87eeee16eadfa9304f0b97be5cf59fcc14246603b0c2744b4804575271706664f790fae93d9107c1a17ef82fc5ab |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 574363899eda588c4428dc9b68f1811e |
| SHA1 | 66920693d2ca538d64d2b0a8a93407a9db5cb18c |
| SHA256 | 4c2f4decbf86a723d37e1bcda02461c8175dff460050b84c4cfdfbb57b725933 |
| SHA512 | 1a00f5383189ddbee7bf60c0fab8f08fef2bc33441ab8c9c9e7c18a3710a8434f51702f446b3ad76755cb4579b096f44a12622f22807488d4f4b776fbda91575 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 61074859c16b0b318ec621968b73dde1 |
| SHA1 | cf6ae0a388291baf27ee30af3fd1d666bc6d92f8 |
| SHA256 | 7155e9346bbaf5556c41000a7ad47d42fa93a0ac0a0a2409e8996b0fee29d121 |
| SHA512 | f548f73c6eed8d9f9d0a237826f2a2a0fe97bb38c9d9d08cc9b4a25bd446fdf0cdaf1ecf533038295e8c8cb04c7164f5f64dc272f30798464ec9dac70ca58ce9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 2e5c322b8cfb84f33d9e064596566da6 |
| SHA1 | d6a3126712b5333fc4dde4065d79a6f397cdb16c |
| SHA256 | 54f3d3a547771875947d0270e9a7924cda4b9a32a70fd13cef83e67ec6b09e74 |
| SHA512 | bc320a394ed4a8a443cfbbd65085c80913c6906789e401b2ff83b24c9fd953e1abc74b587d384aaf098adf5d157b6f5af0f33ec16e00496a2de1b8fa3b6d939f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 7c97756c2c035ebcfe9208dd86591df7 |
| SHA1 | 57e29d637804dff916a207896274157342cf68ab |
| SHA256 | b7fbec450a4da215d0f778737445d0d3ad164d12e33b31e982eb75b64b4585e0 |
| SHA512 | 5b44f363277a9902132cdaba7b84e2cab60592d37c39fca6c64074e62fc6189f72f6ad4d3d98f65562ab435de1b213b42824f8319b678e845314d68445733208 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 248ffb9ff67be580d703ec818e5c09da |
| SHA1 | fc76cf02638149405471a0349efac1b1d2000907 |
| SHA256 | f4c513fb38c067ff71009b14385ac3a356ed3f3157a0e7b7df4448c9686e42a0 |
| SHA512 | 94f2808c84ba2bfb5d2e61b7fb94b40122db56ee821236d4e5385b721aa683aabc84f674dc964016acd62437f214c73a4d0ab9a2595035045d96224dcc65ac90 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 172a0367880e88f8c201ab402f47d098 |
| SHA1 | a2d7e986e81fea7c44df549e30314d01ca50c939 |
| SHA256 | ece43bb4ab68eb0c7ef057df5d86eac1d447a7cf748c512ff38a1e3e6cb7d958 |
| SHA512 | 2b6c03e46fa4a35e9be4030f3b32a26cb9697828e0e7fd4e5110f43460bb338103b1c5547ff1c40cd1023d1927bba49308b75422fcc891ef77809b7caa52c7e9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | 15975e353a68c53f693fc3e3a19fe4f0 |
| SHA1 | 80fc452ae4b19047499374dcbd41b60d122130d5 |
| SHA256 | d343e43393078d95c5b6975a138c3003a58d6ca683d4d29543a6b4905aedfb57 |
| SHA512 | d07285af8fc0c3659d59d48cec31bc7dfc35397c2be5ec22c9276077506d203a7e462d279012c686082d04beb8201d4e57c6171885efe10d70f47d712587a3be |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | d3637b8367b9295e430be41a8b9f7bd6 |
| SHA1 | dc03c870274ddaad807ff4fc083f593381d46351 |
| SHA256 | 61a032afbf90b04c8307ec1e9d5ba1207493029db18e6eba1704d903180c5361 |
| SHA512 | b87a0306a3fb0d57afc5347bd608d32f7776957b6872d557381b6d2223b59c1a8dac30bb67d0aa8fd15e0b85df155ccc61da3c0d953d6e7a0b480ef6e922c44a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e4c63f50009d1a157b95d7dbd56eab05 |
| SHA1 | e9cec1e5d6a7118f1c0d47a65562f136036ec38d |
| SHA256 | f12da491a141129bce04311100112631994a34c8453ed5a9e249aecda995285b |
| SHA512 | a47afe7b5c8608b30c712887d4a2945b68b62518e3812f963091225f1ee23e18bc9c058f18c034ec31e553998c08f4d35ecf9ca501221f3a886492669cbd5cac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 28cd9961798dd04846fc589114a933d7 |
| SHA1 | 20bbd68a774c15162f9a78d604a81143a2fdcee5 |
| SHA256 | 366b23d8aa497d69e81b69bfaa2b5ad7e09f81909d95711c89b8a074ebc4076c |
| SHA512 | 3f03b4f6ec78ccc9f76fc2c32d7b329ed2705dfb563fbfad429e1697832e3e3950548d1587a779b5d20cccdaaeddbf794fd5419f990cd6a6846d11c0e862281b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8dc53264ca8148faccb7b7a5f13720c5 |
| SHA1 | 3a56c60da03e76648fe85518a55eb0bb67843edd |
| SHA256 | b086fe8ce9569dd72ac1a3597e2e0e403b54e8c4914e0039d2c35f2af22dc99d |
| SHA512 | 69a189fbfb90d3751d903009e00243d773073a11dd1542e41ee0adc63356c3daa3b710c9578e7130e0b567f7907c76d0a1af4b19ff65e76074acff199c6a56bc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7b7e2199c99cb16db0d1973849dc2b33 |
| SHA1 | e683d553b6cc804f8f8e932854853cda4fd80d59 |
| SHA256 | 48a1774171521a6a65d765b58307aa9c54aa97bf672437c4fa4ed2aba9aefc80 |
| SHA512 | 286a23d22baf801f74f6831f10ecc0363d4aef321e86901687ba1406b40e8f608404a863ec077894305fe8a50b5e053cbbf3aebd918e930b4309ed876e498cdc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f797f2c06f9a96c9e7b1c64ea61c0ce2 |
| SHA1 | 4a2e3f91546ce96064001c8fbfb48910b0468260 |
| SHA256 | 6aa268afbf8c3a7a864dfb736577336effb2f8c5a24e2bbf8e84400935c70558 |
| SHA512 | afaf0d5a4ccd9f577fb0dde6ee2f6d38b44c1596c71ea8c081ceb72e3eadc149c3380915d7d885efbbc42c0abfec2c2b22c663f93735a5ee29ec8494c2645ccb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 27145841367bffc00d76bbf5c55e6e61 |
| SHA1 | d517c8483cdc80be39e24f02170064cfb25c9e3e |
| SHA256 | e581537f507a647c4161e3b7a946ab2650c77f6a16f655a751ae9c94f47b5712 |
| SHA512 | 0e1ac7d5c1f9f54f668b27b2ca5a3cacf5880898236ced16e55153cddd2f43795c0af7d27e30b7d53412a10d05f4c2f0f0e516221c2c0b0831cfb781825f105a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bdd4ed86beb0dc575409670c61321c93 |
| SHA1 | 2ecd49d0648100834f4a9324c9fc9dbf6eb422ea |
| SHA256 | fd5ec9dd5efd910fe66fa52cbde9d4f323800942ccb4e89095b6dcf0a69cc9ef |
| SHA512 | 6bb82fff99883e20af9f14d1f76364706fee1683f571e6a5676a8b43c9cf88826da6c1d14eb6e7d06e6fdc8c2ff6705118b369c90dc87d399a7ea4acc6d4d91c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1b330f133baa502c3df0c916ec5decf8 |
| SHA1 | 783d5ec6cc76ad974866c31168f2f2add468fbb0 |
| SHA256 | 7d6a2ce8d1257cc31c178e99f6891693cf446af4fc560dbe7eddc75e83fa98a7 |
| SHA512 | a217bbb07683221ca0ae18c9c1f0bb041306599d828292e30daf53c2af7d6bb5e6810a023a596d7198b1bded34b12a9aa27c8dec2cfc8b2473f2726e52849c5f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ba391cf0be6135592975b25d87c1ce06 |
| SHA1 | 96dd20e693f6d7bfb57ca55be062d849c39482d9 |
| SHA256 | 5b88a3132ec0514036f5257971afb1cdd7a3dff9125167e0be9afeb179c48155 |
| SHA512 | ce16c3f53d027abea2f2de4ff04da45c45ca645a447803c676d273ebaae302a93ac961312b86324fda4f3f3d746a57939395073de155c4bcfee20d3c13759e9b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5e4f6cd38d79ffb5c103048db9271d6e |
| SHA1 | 5192e91c33e8b04e42ae2b223fe4b3a7cb3c58d7 |
| SHA256 | fbf1caebaab5165e6ea7c65f4a6417e54215b75063ec3a18985cfb9d2f6d14bd |
| SHA512 | 4a2845fbf7e95db1e70044308031617bada371c9d140836819feac77f1500bf715111869ec9e161143ce0f06339f6bf213f3e115c73a22ed6726907c0d58afc9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 580ffd42d9001e346d2628a54ab6ca1f |
| SHA1 | d4360fc7139333ad67f5e942b3af48b72e544ad2 |
| SHA256 | f91689d0e64bdfacd12bfb825a44ae4b602186a53b2c2e9dc345b86b1f25108f |
| SHA512 | 272345f9438f3a4dcd29df7872384da81278ff56b49c0dd630eb1757184233b8f0ce75399f6e16585246828fab88ef29db1df8a40eb93e6be2a2406903679cc2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1HD7U4XW\www.youtube[1].xml
| MD5 | b2cbf15db6005e88ff0d497d21b22508 |
| SHA1 | 8665b6d58d987f4a74f4e65e0670f10501b3dcae |
| SHA256 | 6701aacbb629ae482cc8a5984126b53b9898001d458d908c3b11809b63fc4278 |
| SHA512 | 786dab2ba3631d6b964d901ef56eac2f97126ebcf4637a287d14b8555adae21f8a4cb3f74ca771038a4f1c55329b486a90125b3387cf050aa2550474ace74889 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 21:33
Reported
2024-06-13 21:36
Platform
win10v2004-20240508-en
Max time kernel
145s
Max time network
125s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a6ab4ee8638135d371774d000c4f52da_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbf8c646f8,0x7ffbf8c64708,0x7ffbf8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,16472701486450065903,4382136217754253608,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 52.111.227.11:443 | | tcp |
Files