Analysis Overview
SHA256
f2fece6fa09c6a18d34ec20159e0f7db551b2fd485c280eb0299e28498c2eed0
Threat Level: No (potentially) malicious behavior was detected
The file a6c509b7f8749cfa8fe0c81d902e9fc9_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 21:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 21:58
Reported
2024-06-13 22:01
Platform
win7-20240220-en
Max time kernel
147s
Max time network
148s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50ae72eadcbdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{13C32FF1-29D0-11EF-831B-46E11F8BECEB} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424477781" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3036 wrote to memory of 2884 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6c509b7f8749cfa8fe0c81d902e9fc9_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 21:58
Reported
2024-06-13 22:01
Platform
win10v2004-20240611-en
Max time kernel
148s
Max time network
151s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a6c509b7f8749cfa8fe0c81d902e9fc9_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa70eb46f8,0x7ffa70eb4708,0x7ffa70eb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14262238579786464896,16368385651083641144,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5128 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_2876_PLFKMFJNOXZXFYHV
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\39fb527d-35ad-413c-9e8e-011a7d960158.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58555e.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index