Analysis Overview
SHA256
e910f4eae57965d9e358ed24f29dfc00f9822380ba2b8e709dc83ec3e4f2902a
Threat Level: No (potentially) malicious behavior was detected
The file a354a0177e5aec44c48b3d40a6752892_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 01:18
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 01:18
Reported
2024-06-13 01:21
Platform
win7-20240221-en
Max time kernel
118s
Max time network
129s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DBB91731-2922-11EF-93E2-EEF45767FDFF} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10f2e0b22fbdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000eec57062012b814fbe2917b08b6053e200000000020000000000106600000001000020000000a79e33d10733730a99011162782ee7e9eba8269e7624f3e1c4142635ddeaf85c000000000e80000000020000200000008b04a4004d1088c07ee3e3214a25c7ca52d9f7a96c8cbfa6fe95292372a564702000000020b1db31ae0548d605ed18ec0182b3906377df298c697a1346bf5f3f1329546140000000a7e6851c340e7d8d5a3a2e7955b6f9a0903df79b3b4fa0defb8585d5a02aa935d76997a466090188a6262532a49ec5fda78ea8e5e09c00807cd891109260e0b1 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424403384" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2664 wrote to memory of 1200 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2664 wrote to memory of 1200 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2664 wrote to memory of 1200 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2664 wrote to memory of 1200 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a354a0177e5aec44c48b3d40a6752892_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2664 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | coinhive.com | udp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| US | 8.8.8.8:53 | saltworld.net | udp |
| US | 104.21.57.186:443 | coinhive.com | tcp |
| US | 192.0.73.2:80 | www.gravatar.com | tcp |
| US | 104.21.11.155:80 | saltworld.net | tcp |
| US | 104.21.11.155:80 | saltworld.net | tcp |
| US | 104.21.11.155:80 | saltworld.net | tcp |
| US | 104.21.11.155:80 | saltworld.net | tcp |
| US | 192.0.73.2:80 | www.gravatar.com | tcp |
| US | 104.21.11.155:80 | saltworld.net | tcp |
| US | 192.0.73.2:80 | www.gravatar.com | tcp |
| US | 104.21.11.155:80 | saltworld.net | tcp |
| US | 104.21.57.186:443 | coinhive.com | tcp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| US | 104.21.11.155:443 | saltworld.net | tcp |
| US | 104.21.11.155:443 | saltworld.net | tcp |
| US | 104.21.11.155:443 | saltworld.net | tcp |
| US | 104.21.11.155:80 | saltworld.net | tcp |
| US | 8.8.8.8:53 | gamingw.net | udp |
| US | 172.67.160.162:443 | gamingw.net | tcp |
| US | 172.67.160.162:443 | gamingw.net | tcp |
| US | 172.67.160.162:443 | gamingw.net | tcp |
| US | 172.67.160.162:443 | gamingw.net | tcp |
| US | 172.67.160.162:443 | gamingw.net | tcp |
| US | 8.8.8.8:53 | i1.wp.com | udp |
| US | 192.0.77.2:80 | i1.wp.com | tcp |
| US | 192.0.77.2:80 | i1.wp.com | tcp |
| US | 104.21.11.155:443 | saltworld.net | tcp |
| US | 104.21.11.155:443 | saltworld.net | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 01:18
Reported
2024-06-13 01:21
Platform
win10v2004-20240611-en
Max time kernel
128s
Max time network
137s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a354a0177e5aec44c48b3d40a6752892_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4592,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=4120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4696,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5220,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5360,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5556 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5384,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=4292 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5348,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5824,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4308,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5892 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | saltworld.net | udp |
| US | 8.8.8.8:53 | saltworld.net | udp |
| US | 8.8.8.8:53 | saltworld.net | udp |
| US | 8.8.8.8:53 | saltworld.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 172.67.166.97:443 | saltworld.net | udp |
| US | 2.20.12.101:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| BE | 23.55.97.181:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | gamingw.net | udp |
| US | 8.8.8.8:53 | gamingw.net | udp |
| US | 172.67.160.162:443 | gamingw.net | udp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| US | 192.0.73.2:80 | www.gravatar.com | tcp |
| US | 192.0.73.2:80 | www.gravatar.com | tcp |
| US | 192.0.73.2:80 | www.gravatar.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | i1.wp.com | udp |
| US | 8.8.8.8:53 | i1.wp.com | udp |
| US | 192.0.77.2:80 | i1.wp.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 57.234.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.166.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.160.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.73.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.77.0.192.in-addr.arpa | udp |
| BE | 2.17.107.105:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| BE | 2.17.107.105:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| BE | 2.17.107.105:443 | www.bing.com | tcp |