Malware Analysis Report

2025-04-14 02:58

Sample ID 240613-c646ms1gqd
Target a391caa7e0b7d30ef0f0980c55f4c805_JaffaCakes118
SHA256 385d3b8283d5c411789389a5c1a2daf6a6edc5fbc318ed297b157fb614303001
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

385d3b8283d5c411789389a5c1a2daf6a6edc5fbc318ed297b157fb614303001

Threat Level: No (potentially) malicious behavior was detected

The file a391caa7e0b7d30ef0f0980c55f4c805_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 02:42

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 02:42

Reported

2024-06-13 02:44

Platform

win7-20240221-en

Max time kernel

147s

Max time network

149s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a391caa7e0b7d30ef0f0980c55f4c805_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000009a25aa5bb7e76046bd773aa20b4745f400000000020000000000106600000001000020000000365b016751d48c550b2979e1f94f60f1fcc3757b9244d71178368f277629f4dd000000000e8000000002000020000000e64f0f376d1be5143126379e61464090bd7c41ceaa1a6319c24d58bc10dd6fb79000000023407c7419ac90cc180d7a12cf8bf0451ce4b1a24d70dcaaac587473c665f1087b94f9f9e28def016219480eb04920d218c8692a36eaa5b2ce891e76d35f7612903454629a093e9bb8a7d8fadecc8165609474f64a26df884ea08df407869fa2548ea8d753de163b82f3e5b3074880cf14fbe162a159d99b8f2e19114d1a4aadeaeea22f57e43930f81a6f79b939749540000000252d43f98ebcd8700eb216837ce7569b10bf64e67881648247ca5fd63a7a9201c95d3567289b121f669c204594578701c332e3b8072c8d2d16aa0c65145aea41 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8C7EE6C1-292E-11EF-9DC0-D20227E6D795} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000009a25aa5bb7e76046bd773aa20b4745f400000000020000000000106600000001000020000000bfac35b896c24d4ade37d29b81aef7cba259b46481d36325b0afa43244e1b956000000000e8000000002000020000000dfa62b27d658df7ce4ffbf072db67cb1ab8a3a5db24c4aa3136fc287e175410a2000000061e8aae4d456cd44d6eedc1181667d1677625bf08acf89843c317b9043c1ec92400000008068a86e54c5eea230ac7345a06034bec0c2c01ae34ad4c4384f138a95cfb72947112535336dc4a03fb3c60765c8dcbde1308a39c91ccbee0929466a61dca696 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424408405" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0d9e7633bbdda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a391caa7e0b7d30ef0f0980c55f4c805_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2676 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 4.bp.blogspot.com udp
US 8.8.8.8:53 1.bp.blogspot.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 i1149.photobucket.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 static.addtoany.com udp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.180.1:80 2.bp.blogspot.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.180.1:80 2.bp.blogspot.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
US 3.165.113.35:80 i1149.photobucket.com tcp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 3.165.113.35:80 i1149.photobucket.com tcp
US 104.22.71.197:80 static.addtoany.com tcp
US 3.165.113.35:80 i1149.photobucket.com tcp
US 104.22.71.197:80 static.addtoany.com tcp
GB 142.250.180.10:443 ajax.googleapis.com tcp
GB 142.250.180.10:443 ajax.googleapis.com tcp
GB 142.250.180.1:80 2.bp.blogspot.com tcp
GB 142.250.180.1:80 2.bp.blogspot.com tcp
NL 192.229.233.25:80 platform.twitter.com tcp
NL 192.229.233.25:80 platform.twitter.com tcp
GB 142.250.180.1:80 2.bp.blogspot.com tcp
GB 142.250.180.1:80 2.bp.blogspot.com tcp
US 3.165.113.35:443 i1149.photobucket.com tcp
US 3.165.113.35:443 i1149.photobucket.com tcp
US 3.165.113.35:443 i1149.photobucket.com tcp
US 104.22.71.197:443 static.addtoany.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.170:80 apps.identrust.com tcp
US 8.8.8.8:53 jqueryapi.info udp
US 8.8.8.8:53 themes.googleusercontent.com udp
US 45.56.79.23:80 jqueryapi.info tcp
US 45.56.79.23:80 jqueryapi.info tcp
GB 172.217.16.225:80 themes.googleusercontent.com tcp
GB 172.217.16.225:80 themes.googleusercontent.com tcp
GB 172.217.16.225:80 themes.googleusercontent.com tcp
GB 172.217.16.225:80 themes.googleusercontent.com tcp
GB 172.217.16.225:80 themes.googleusercontent.com tcp
US 8.8.8.8:53 x2.c.lencr.org udp
US 8.8.8.8:53 angkajitutogele.blogspot.com udp
BE 23.55.97.11:80 x2.c.lencr.org tcp
GB 142.250.200.1:80 angkajitutogele.blogspot.com tcp
GB 142.250.200.1:80 angkajitutogele.blogspot.com tcp
GB 142.250.178.9:80 resources.blogblog.com tcp
US 8.8.8.8:53 3.bp.blogspot.com udp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
US 104.22.71.197:443 static.addtoany.com tcp
US 8.8.8.8:53 developers.google.com udp
GB 216.58.201.110:80 developers.google.com tcp
GB 216.58.201.110:80 developers.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 216.58.201.110:443 developers.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 216.58.201.110:443 developers.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp

Files

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 d3049f1a4b143f13261e38abab901109
SHA1 1810917619ef7b98f40697c12f35a75575665f8f
SHA256 69df6863aa24aedecf107a7e2e0353d592c52a5905cc2833d824c2298733e9d6
SHA512 6af844057e960d6f4165f297891b676492281fc4abdd7346a220b1972124fabe2a9e0f7b3825c9f67c1ed885262cf6fb994c4dcd607c1981005291a240b6e958

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 3cac07e1baaad12259d45a4a8438c914
SHA1 9548e85c90cec1b7bdcffe5e332a23d2ed97f33a
SHA256 b83ea6fa3c42e0030b247f378c079486ce9138442a9f65bbda7678dd22c0be55
SHA512 a8f55089c678d6b673b315cd2ab8c135293a5985f8bbae418c969f0fd89f80528994fc23ea9aa46a34d5cc5136e0bd528ae2b0d485d7dd6490cf7f1bdb0a12ea

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\Local\Temp\Cab343C.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\Tar344F.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 94768d82dcb7bf40a72cdaba4d202ad9
SHA1 058f28ffe61780ec6a003dc4b5d9109d39ec739d
SHA256 abc4f2b924ab9e1313d597df209071f039dbe926ea308c35edc417ea056f2152
SHA512 77701ab74e458c22949c14716090fd5bfe96dfd471fcc082c2ecb9cfc4e1085da1cdc1c5f3dedc21124406f668214e3af82ecd9ab0578b1602a000259ad4dec4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 9dd6be1459c3c1d76ca718a1c17584b9
SHA1 dfd855f2be47e6125b7b26baa43720abaa71354e
SHA256 bffddac09b1d6f5e41d83f840937b3e098cb8c9e2c25f6d21d61a1d96b926c3b
SHA512 2348432ac968c25ba5f17dd2d2aba2b5a695857537d428778ae617eae4ed03a70707ffcaa1a483dc87473a761bdde996318df883b308c8efcf3c3d6d843b8483

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DACC52A1882A05AED14688828CFAE295

MD5 a4c3e4b3f212ccf9719236eaa8f728be
SHA1 e017a18974a9969ca60ca2499ac54b464d91a2ef
SHA256 0641546fbe6a6bf201d918796cf5efa992632208053037f369a6173cc2afd39a
SHA512 c4c229eec604f4022ab0d439eb8b95bbdbb554d809d4571745957f0da5dc740e4ecb13757273b9dcf9f431a5b1ca40d53a539e2ccfaadbf7c161dba6b8b2734f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar3585.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0ce6f58258ad025b95c6ac889ab94afb
SHA1 06700c5c5012ea7315abbd11d1bb8beaba685196
SHA256 e6b597a89124e0e0bc98d42713ae6a316994eda485abe7ba20f7bd564bb0b19e
SHA512 9b0a04d62cbecf640d464352fe504593c9af0ad9cc35b123bbfcc9ad71bd2cbb84ef5ecafb229ff93fa189fe287307f3e9d08130a44630254a03bee64c6af9de

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9d099ac4b6d0198dab5f473461100185
SHA1 858296dad9bd3de45e66f9c0f458b88ca2cc4cd8
SHA256 991a9038d547e9b3e505481b4ff4f03848eeb8ef57e6bf669daf5a19b555441d
SHA512 5b0e55d805afbcf613b07d6b7953ea86633c63c6e7ca56c5b3d7fa0f62573650b2529678411affa0eae2ffd4f209f42aa507aa619633a64ae764d823ac16eb22

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ad87806969def8f57ca4317c788d2390
SHA1 4b2892328e42c40d4c4de46df9429c6c1afc1a5f
SHA256 2d35618a7724d832b8d4b29193ba14377211b7a52eeecb4aa15f42243b523690
SHA512 66aadd7504ebb2090598a239d63d2ac1b44d0a7339bae0a0b5f2ae0ac67ac7e3354ecf9bb53d9ffa5b224c18c327e514343b79d8dabc7dabe02d98f572d041bc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dfdefafe29265c0f890ee96bb1de0b41
SHA1 e34f34e85650e9daf974f758af9e0fe6f23ea3fa
SHA256 40ae14f45f4e9d283e92448e3a886aca234e9f4cc246ab1639b4515e813daf0b
SHA512 063be08d88f89b7bce070d1af18129634d4579eb634e1113cbf59c0679950abc2544967a6a120bdd41a63293279386029e0faf8f5df26062ad9a17c42aca8ff7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c7a9073164da31c4355b9d470ddb10eb
SHA1 29fa2cb504ff497556c629ea5fda1e336b110f7d
SHA256 89fb41d41c869dcde75f5c2ea15b769d1942d4b9094c83b73a99e536ed37fdd8
SHA512 b64bfb3f7164b76d3488a305e04434dfd237890e06e26d3c9cd289b6a03a71215f9a45d885d270d961bf73ee04e5dc707e35c22e4cad17ac8c962f2114df7a92

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 56d6724ab34101ce0071603105e972f3
SHA1 a739d1d028272d3573dbd60b4d763eed43b235ae
SHA256 e81ac0d8e018d42bdcfa68646ffcf149650ee43fa04ddda8dea0e9b68461ebb9
SHA512 8598b1b039f83d22251719c61e1dc5bf3b606000c31f9057a2c0640733d7044be2a366f7e2d9ad68d6fdd8b612a80697b25e3d5c600559d805758eef42d00273

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 010a47e8ee5af47be347cdd41c2fefb5
SHA1 e22b25530c3025bda19ab980b9a3f2748f4a70e0
SHA256 d7a0ed6ab59f3227d8c186cd4351c901e7a10187a8af959a6af284fbeb41863f
SHA512 0116475f4f7b565485c3b37d34bb3973002a6ff80b151a46f1ab3d5b9dd5dfc021629b238b998f5f1bd25e538c830007f9fc09e85c111410c719bae1a3fce6b9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2ba1dcd454a9b00a7017de2340d331ae
SHA1 50834ff83280caae28ea9689095207dab030f9ad
SHA256 6e837dd81c92aee3e39b8df7d0058f413ed6a4a721c16d3e0353a5b6125e08e0
SHA512 ee055fe04d294620ea3bcb0360a2ef7a7414a5d28ce455394f1e819e07cebe5252f29e7e59341aad43c5d285b16037d31b69dbdb296c54d2bc8144beb4f9b7cf

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\SDXUUH5Z.js

MD5 67e216a27dda24bdcb086c2385b0cb99
SHA1 17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
SHA256 9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
SHA512 802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\plusone[1].js

MD5 53e032294d7b74dc7c3e47b03a045d1a
SHA1 f462da8a8f40b78d570a665668ba8d1a834960c2
SHA256 8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2
SHA512 fe263fe86aea2ba1b86d86305650cdeee45cd1f7b4339f9d4fb81db776b78abedccd0ae77262f45d579751daa26f81385354b3d126fdb5577036e9dd1db33276

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\cb=gapi[3].js

MD5 f9255a0dec7524a9a3e867a9f878a68b
SHA1 813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b
SHA256 d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d
SHA512 d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8507d980e3d4a5df9ebc88f9485ce29d
SHA1 ee604782f7665c1219c0dc43daf1184c2a3459be
SHA256 c2554d732b24371dfabf09a35092e5d5e96f8664220fe6f23fdecb1c8c9b8dee
SHA512 0c88dbad37c071e4f3b945a940fa33ff82904e23ffcaba7856cb60f7dedc9ec8d55c190b155383d13b111ac8b066b24a3265e8a70b044aa330abf47d7542c468

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3bfcfc78f7b9c3fd3e4702d34cdda6c6
SHA1 a16da53a43e2f6bd2ba8e3e04c489f102e43de84
SHA256 277867dafd626ae946c927c6911867e043cbdaf4f592a4d91c3f93457d601e58
SHA512 423ea07a7f41aa360dbc688f021a01b0d6477943e5eb87a054f0d61f661e3335861c045a5f67834abf873ab48ccc799d52b4927dffcd7a6eb384ae98c95b29ff

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c87ef0aaa1be66ab7a805585d03f6602
SHA1 ab9e9985efcb3fcdd5cf39f6cb5ce2e58839c6a1
SHA256 b45bc019e3a36db2e6a8bc7cdfd4c2a75ee42ff577771a84572c2b3473d2e73e
SHA512 a2e782051d4a111c94be13802f0ec982f01deb14b87a78a756362e61829377f6aa76aac7bb5affa0f4bc4d51be8ddc5b34a7552625e9199e7a68f9ba34e7ca19

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0d1af079cfd0927540a8b878240575fa
SHA1 523ec66f154bd5c8ffb4e9c2102693c9b3008072
SHA256 2e9979e0dc9a1fc5b6450e8a26abc8a961027a8a83c6cfebf80929047f1a4fab
SHA512 78cadad7e04cc1c2590b739eaec51a639f0fc3da97895ba851ab3048ad7cc495c16560fc7f8814ff4709d96d1ac53e0829f923468bbc8bdc8af1b1028d4435a5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1f436aa2337e8e5c79aeb5a269cc3ed4
SHA1 2cb8e8ddde6ed0cca1e529a52eabf89ec93979c0
SHA256 aaaad97ee9dd3c700b25c1d629ee625f9f7a55b77874cd1f38643a0b07c7280c
SHA512 89fc7d76cbdc2f6c0b9e82fc1a3bcf6df22194d1fdf044f33d82827003404c290203f6531c42962163f163b534fbd973d86e33177c4a0b216b707c6b774c413a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 94298af37c4a44a49499ffd73c1701f9
SHA1 836446d49cd46f2b9dd7f1546f7d6f18294a245c
SHA256 9f845187a91a16c180517426d0ac527cd9291822811db72c2cf025e4a074e62b
SHA512 8c7c4b3f4af49a69bfcd15e2cc9847b315bf7c82b42e1ffc7cea86423d7aa8351d38eabe8d346ac3f446ba5be26296bf3e274da3d1b5ee75851d7c3083849128

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b9d1c7d431c16144b76d2f8750fe11a4
SHA1 68b6d99970d660e6c81993065ece34045260ee60
SHA256 30b25b2a1642bc24155ff8777745a5747c7af65aaaca30ab383e6eb4f9922e0f
SHA512 727ecfdf7d03ff4ff2b3b1f7f13832612e1bacc55f520c82b2c2d7c61e4e46f9278a8e28357e6456ac341829647669238f4c0c3116c7971c39a0e1f1eff40d01

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8870fb027299662dbf6d2c6a8e4e2fba
SHA1 6351ec9b617def390ba6b07c296f3707f61f00c4
SHA256 cb543dc557c77b1779bf395045fd9e438a18d35c699f31161b1f0a05bfb8965f
SHA512 cdd658506b43d792101a9ae0ae6b8978bd800e3015572d359e41b4e1116c5df78b45a4680e6d1bb8cadb4188b067edffaf24a56975802283c9fcc454039df278

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a4c0c48bf0c0846236b486d43e549f8c
SHA1 6bcf860e9cec99ca5eb882d4c3e1fc98585b2fbe
SHA256 9d1c69e8ef682a1c9f4da77fec7efacb5101e8e5e37a6e803c3a1d11f353f4ec
SHA512 a4abbbfcdbc141a080ff81e37f5db70381ecceb68166e28b7d32de1011dfc4112571ebf11a3e0d374089efa030ef8f06e757a4f8cd82e8241c0fa6d3fbc2c377

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bdbe11d67af93ced9a6ae5c005b23434
SHA1 f762d7c138f8a5e9f0a5fec0ab1705249ae85b53
SHA256 37356aec30edd78ab43d5fc7b80ed0c337be5dd17ef164eca6012f32eb41031a
SHA512 56c16f1cb53358af20d5f1144810408bc6107a86e439c3ed06ddc50c1e9e2596d467e016ffb9690d72267d15512321ef236f0110f9fc084d3edbe36b4a94d761

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\3604799710-postmessagerelay[1].js

MD5 40aaadf2a7451d276b940cddefb2d0ed
SHA1 b2fc8129a4f5e5a0c8cb631218f40a4230444d9e
SHA256 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2
SHA512 6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\rpc_shindig_random[1].js

MD5 6a90a8e611705b6e5953757cc549ce8c
SHA1 3e7416db7afe4cfdf3980daba308df560b4bede6
SHA256 51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679
SHA512 583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a3236d2f98ccf7adf3e57715c3f02c43
SHA1 980b70225958265cf084b5c2a86b08ae4785afa5
SHA256 48b5cbfd4e847016f07ca67ecbce2d4e9892ba9597d8c6463d2f44a34274e466
SHA512 1793a131adfe71574d706b539c798807c8cfb80e6172e645e0d80ff789e0eaf238550df8ddc33c1a7d3971bb6cbea3833cafc75188510310a564dd39c2c35ff7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c6ad87e28bb9dd200f560999eb8901d5
SHA1 576e2c0d5ae86c3a578883f2519f27c7e8b6674c
SHA256 073dc8121d945d5da13cf7535639ee5368019938500144d0e7a167296f32dc8e
SHA512 181a2a9a5d4061b5083a2c5f82ff8b6e66cb5a9384ed79785ad07b0e8ac98793601f55a5fe96dfc1ba458a7975e04c2438a2c6be539e63e7c48829a82960d208

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 b1e6df1891170c2b5753f9392f097dfa
SHA1 9af0812f7f5068be843d6f36ec6a52fb8760e67c
SHA256 2ba1e34827e429b018720768f186921fce95b262179754db1f358a8b83245a04
SHA512 599aaca02c2e96dc411d658ddab9b63475649b24d06985ea6f33159ea23f0907c8fbcab90aaf93c9c6cedc3a361f939dcfbf73c6c7ffacb61211a6eead05fb09

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b7ef39d5894381ddaa1b81222883ab04
SHA1 8890a895a73228506d9824cf115dbef83f8be336
SHA256 92726c2f08781e0194f1bc4d814bca68f23024a1991808f0825c7d2f0db1902f
SHA512 f47256e206771142163828ac5230f404d1413ff54a355f2ade9864d456a72eb0af34e36fcda1b49737539c3240b6f9e21d4b687b4568b73256739dd29e3a53a5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e8fccb37c4ac93f256827561056adfb0
SHA1 e48f437ab3fe0037dfab6a40d0a41c413449a4e5
SHA256 529e4acfb615c194769b390ea01c495f58418b2cecde8f640ef8ce33646479b2
SHA512 11d12b016af5c3cb6506899dff0334e564acac2b55846ec273a5cbd257e62a864d6e53af6e9ed911479bd651d175c2429088d4d5a46df1a73475d151abacc2b3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6ad4992fc4b036e119826fdd3a1b019c
SHA1 3e6b4783d8cb948f3126740414c45c73ee636ac4
SHA256 d04c5a6fa6752c99fe922586ec64c3029b05941ba4b981e4efe23ee152e57abe
SHA512 79053364d5ddae8b5a7db8f74b29efe1e56cb86ab72e83e9bb59c3a20d3200567967c3cb7da150b9a0f3397e44143e89a971f695b7abbbe249c4333f91516f34

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0da7337dd2503c1d0622ea109c06a481
SHA1 cd7a89e8803e8bd1a904981c9da939203587833c
SHA256 9f757f0c7d9ebb364edcc74ae49efff336e4aaca7116733d5a4d2b783fecf657
SHA512 1d1b7eef37ebf8897fe9204faff2f8c95c27744bc1da594a60c7f86e58c67b5819272052cc3467f15ba1c0eadcd489d8322b20fc05106438724883cb78981d2b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 aad781e2b057aad676a664f801046794
SHA1 d43aef48e87789c2cdcf031348bb9df909b09023
SHA256 150cb5f23446b26c5999e605c3465fe13b89ca01175f0a4fc09cd3c60e1292f4
SHA512 9a6746f2a6b077a0042fcc594f39b2422821858e48a1e5db7a458f4b658c28f8796167c25de01ea988ad72266edc5bb5700ebb5dcf9e3598aea7cae3584aea53

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9b3fd7fe27a9cf3c21c415d4f2de99d9
SHA1 166699a8aeb0bd97041f57c4c0f88aa14e599c64
SHA256 431574f500df9f1d7ad19fd9f1e6ee1e8c2a09203fafbdf7354a440ccf6478b2
SHA512 baae429b633b002cbab8adbda6b966e0be2dab5de2e2a6623eda6335fb26061e056d4071cde503686461af20054983b21a7bd10f57b81b0cade123c672ec9d26

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 064a94b63910f96dd6d34f7b816761e2
SHA1 2e68a34e6897ba3372c622cb8842c68ae0731f81
SHA256 414e72d2c8eef5f6debd1617561ac4d12ca2780198d17e7c60dccbe211d0a423
SHA512 57060bb7d07a1d418bbcdb5d0287d8a6340de52fffaef856238a5c90a8732344b28c316918855c6aeb98b88b7d22368d04d2049c2d3affd317541376a3c30eb5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 4fbbe35f923742e2e66ddd89c15105ee
SHA1 9c3cfaac8e8c335b69dfa2e2a1b618a2b958b88f
SHA256 90c50fd31be2a67ba55349c938752803cafd7d91be56d7147881f04e11f8269e
SHA512 1ca11d7b6db8604e9c9b925016698ef94c715dba2ceca27c39d06a45008bcbe2dfc27128f24ea0301b6740f2e7b28300006b3d2f1a31c37558839f39b61b18af

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 02:42

Reported

2024-06-13 02:44

Platform

win10v2004-20240226-en

Max time kernel

145s

Max time network

153s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a391caa7e0b7d30ef0f0980c55f4c805_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a391caa7e0b7d30ef0f0980c55f4c805_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4992 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=1404 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=2212 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5516 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5556 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=4600 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5368 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=3696 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6432 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6880 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
GB 172.165.61.93:443 nav-edge.smartscreen.microsoft.com tcp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 4.bp.blogspot.com udp
US 8.8.8.8:53 4.bp.blogspot.com udp
US 8.8.8.8:53 1.bp.blogspot.com udp
US 8.8.8.8:53 1.bp.blogspot.com udp
US 13.107.6.158:443 business.bing.com tcp
GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.180.1:80 1.bp.blogspot.com tcp
GB 142.250.178.10:443 ajax.googleapis.com tcp
GB 142.250.180.1:80 1.bp.blogspot.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
BE 23.55.97.181:443 www.microsoft.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 i1149.photobucket.com udp
US 8.8.8.8:53 i1149.photobucket.com udp
SE 184.31.15.35:443 bzib.nelreports.net tcp
US 3.165.113.12:80 i1149.photobucket.com tcp
US 8.8.8.8:53 76.234.34.23.in-addr.arpa udp
US 8.8.8.8:53 9.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 181.97.55.23.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
GB 142.250.178.9:443 www.blogger.com udp
US 3.165.113.12:80 i1149.photobucket.com tcp
US 8.8.8.8:53 i1149.photobucket.com udp
US 8.8.8.8:53 i1149.photobucket.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
US 8.8.8.8:53 2.bp.blogspot.com udp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 jqueryapi.info udp
US 8.8.8.8:53 jqueryapi.info udp
US 3.165.113.12:443 i1149.photobucket.com tcp
US 3.165.113.12:443 i1149.photobucket.com tcp
US 8.8.8.8:53 static.addtoany.com udp
US 8.8.8.8:53 static.addtoany.com udp
GB 142.250.180.1:80 2.bp.blogspot.com tcp
NL 192.229.233.25:80 platform.twitter.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
US 45.56.79.23:80 jqueryapi.info tcp
US 104.22.70.197:443 static.addtoany.com udp
US 104.22.70.197:443 static.addtoany.com tcp
GB 216.58.213.2:445 pagead2.googlesyndication.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 12.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 35.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 25.233.229.192.in-addr.arpa udp
US 8.8.8.8:53 197.70.22.104.in-addr.arpa udp
US 8.8.8.8:53 23.79.56.45.in-addr.arpa udp
US 8.8.8.8:53 angkajitutogele.blogspot.com udp
US 8.8.8.8:53 angkajitutogele.blogspot.com udp
US 8.8.8.8:53 themes.googleusercontent.com udp
US 8.8.8.8:53 themes.googleusercontent.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 3.bp.blogspot.com udp
US 8.8.8.8:53 3.bp.blogspot.com udp
GB 142.250.200.1:80 angkajitutogele.blogspot.com tcp
GB 172.217.16.225:80 themes.googleusercontent.com tcp
GB 172.217.16.225:80 themes.googleusercontent.com tcp
GB 142.250.178.9:80 www.blogger.com tcp
GB 142.250.178.9:80 www.blogger.com tcp
GB 142.250.180.1:80 3.bp.blogspot.com tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 static.addtoany.com udp
US 8.8.8.8:53 static.addtoany.com udp
US 8.8.8.8:53 static.addtoany.com udp
GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.178.9:443 www.blogger.com tcp
US 172.67.39.148:443 static.addtoany.com udp
US 8.8.8.8:53 148.39.67.172.in-addr.arpa udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
GB 142.250.187.194:139 pagead2.googlesyndication.com tcp
US 104.22.70.197:443 static.addtoany.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 edgestatic.azureedge.net udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 8.8.8.8:53 c.s-microsoft.com udp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 resources.blogblog.com udp
GB 142.250.200.14:443 apis.google.com udp
GB 142.250.178.9:443 resources.blogblog.com tcp
GB 142.250.178.9:443 resources.blogblog.com tcp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 144.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 20.231.121.79:80 tcp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 20.189.173.21:443 nw-umwatson.events.data.microsoft.com tcp
US 8.8.8.8:53 21.173.189.20.in-addr.arpa udp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 connect.facebook.net udp
PL 93.184.220.66:443 platform.twitter.com tcp
GB 163.70.151.21:445 connect.facebook.net tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 8.8.8.8:53 platform.twitter.com udp
PL 93.184.220.66:443 platform.twitter.com tcp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
PL 93.184.220.66:443 platform.twitter.com tcp
US 8.8.8.8:53 syndication.twitter.com udp
US 8.8.8.8:53 syndication.twitter.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 216.58.201.110:80 developers.google.com tcp
US 104.244.42.8:443 syndication.twitter.com tcp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 66.220.184.93.in-addr.arpa udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
US 8.8.8.8:53 developers.google.com udp
GB 216.58.201.110:443 developers.google.com tcp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 connect.facebook.net udp
GB 163.70.151.21:139 connect.facebook.net tcp
US 8.8.8.8:53 8.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
GB 142.250.178.9:443 resources.blogblog.com udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 216.58.204.74:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 8.167.79.40.in-addr.arpa udp

Files

N/A