Malware Analysis Report

2025-01-18 02:24

Sample ID 240613-bl5e8syejb
Target a3519e0480d2847dcd75f838a2eb591f_JaffaCakes118
SHA256 d44af9b48f81c4bdd072b8c31d062511bf046f25abfd75a7e0eb6de4e1a6e8fe
Score 1/10

Analysis Overview

Threat Level: No (potentially) malicious behavior was detected

The file a3519e0480d2847dcd75f838a2eb591f_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 01:14

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 01:14

Reported

2024-06-13 01:17

Platform

win7-20231129-en

Max time kernel

144s

Max time network

148s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3519e0480d2847dcd75f838a2eb591f_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{588FBA81-2922-11EF-910D-CE7E212FECBD} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424403164" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60d377312fbdda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3519e0480d2847dcd75f838a2eb591f_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 01:14

Reported

2024-06-13 01:17

Platform

win10v2004-20240508-en

Max time kernel

139s

Max time network

149s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a3519e0480d2847dcd75f838a2eb591f_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a3519e0480d2847dcd75f838a2eb591f_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4152,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=4928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=5020,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=1308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=3832,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5408,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=5448 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5420,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=5500 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5836,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5748,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=6196 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4864,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=5996 /prefetch:8

Network

Country Destination Domain Proto

Files

N/A