Analysis Overview
SHA256
0d32b98d6bb8f5a6c71bfffcc8f564f383dd73287d2217de2e7e72fb7ee149c0
Threat Level: No (potentially) malicious behavior was detected
No (potentially) malicious behavior was detected in the file a3b0ee24cf18fa451dbdba7ecd9147fc_JaffaCakes118.
Malicious Activity Summary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Analysis: static1
Detonation Overview
Reported
2024-06-13 03:35
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 03:35
Reported
2024-06-13 03:37
Platform
win7-20240611-en
Max time kernel
121s
Max time network
127s
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8086" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "19415" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424411583" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8086" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8092" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "28458" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10812" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10812" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "19497" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9452" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "288" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "167" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "19415" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F2AD9B61-2935-11EF-BEBB-767D26DA5D32} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8092" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8296" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8296" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8204" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8086" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9959" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9452" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "167" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "200" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 3044 wrote to memory of 2760 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 3044 wrote to memory of 2760 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 3044 wrote to memory of 2760 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 3044 wrote to memory of 2760 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3b0ee24cf18fa451dbdba7ecd9147fc_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3044 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 142.250.187.206:80 | www.youtube.com | tcp |
| GB | 142.250.187.206:80 | www.youtube.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:80 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.206:80 | www.youtube.com | tcp |
| GB | 142.250.187.206:80 | www.youtube.com | tcp |
| US | 216.239.32.178:80 | www.google-analytics.com | tcp |
| US | 216.239.32.178:80 | www.google-analytics.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.201.118:443 | i.ytimg.com | tcp |
| GB | 216.58.201.118:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\CabD5E7.tmp
| MD5 | 2d3dcf90f6c99f47e7593ea250c9e749 |
| SHA1 | 51be82be4a272669983313565b4940d4b1385237 |
| SHA256 | 8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4 |
| SHA512 | 9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5 |
C:\Users\Admin\AppData\Local\Temp\TarD64C.tmp
| MD5 | 7186ad693b8ad9444401bd9bcd2217c2 |
| SHA1 | 5c28ca10a650f6026b0df4737078fa4197f3bac1 |
| SHA256 | 9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed |
| SHA512 | 135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 0e11de8e1b6b9d1f5c61182ee1b399ec |
| SHA1 | 7f13e8cbff917d46ec7e0d8e48bebdf5480a21ab |
| SHA256 | c5b933d94937935fed5fc74aa79573c1cdf00aa28a916a722c73513e76ed4620 |
| SHA512 | bbe2e5540b91bfe9637700f413b8d6e76564b01e6c2d4f138480e0d6143845e8ceec1d97a1e782c1fc392f108f2d4b7d354ba322e70e8bd51a92237f8c9a4e10 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 2b2b888627b904043271252c94b62255 |
| SHA1 | 71f7d0fd7be12e8156403f14cb367c55916e9838 |
| SHA256 | cd20723cb3cd73eb50e9c86b4415c42b499daebe7105099eabc002e1f2fa877f |
| SHA512 | 63e3d3411b8f31388dc40f042494c9268498cc458cd67303c8e0e8f165a6423740d04dd0165d805dc964c92bf0cf13fbd2a76e422ce259fbd896bec01990a1c0 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 0f931aff2732707ef797e1400bbd897a |
| SHA1 | d451c701ca18878ff4f6f4b614db3c3cb3a6dd08 |
| SHA256 | c2037e141f8a97efc667cbe5177175bf07bea567a101c6d4527631d4df4b76f1 |
| SHA512 | e99a690944f989183b9ab0a78c560d21f5d2c6244eb5942d23614b89e7d6bc5c20c8ac866706f8d68bb10f5c666ae87bb1edd221c4a62082c7eba7360df25133 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 82042a91e461f178af0a77bbcfabd1d7 |
| SHA1 | 3a8e85d93f50c39b27794e6f7bfddf62c4591fa0 |
| SHA256 | d865a60b8def105ab5a4e00b042976626529bf39f614c93b8f590babad144c36 |
| SHA512 | fe1e058505701811b853a977161c3b3e5ded0601bac42a8cbf99407e476ec59795310a72a3376385566c97fffc96bfa2b8dafedc8d439f36040fc1225c50cb68 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 0e4e9503a56b4e2f45d92973163c1451 |
| SHA1 | 59ac0148ac915dd84ae0f6b8809c65b49c7ee28e |
| SHA256 | 141c32f7269ad461f51be229685cc998253864e430a9828c9bebfdbbdb24b178 |
| SHA512 | e2aff23a4c42b5ed15fd51faee388a87a1372d839b6e7f10802d5b75c47e8f5c7cfbcf3da5903ee754a5e3a1077c0bb829b2e6b6d05a3eede81bf4ef088cc7f3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F0O117Z\www-player[1].css
| MD5 | 69958caec43c10f1d36a71ce83ac69e8 |
| SHA1 | d363274a0f568e4bfe98e978eae59441fc17a1fa |
| SHA256 | d24493147c49a7b5d1a21c66aa87d11a0c976cd4e9392b89add880139aa2b1ff |
| SHA512 | 8a57bb5c5a1f7a91057493bad34133f7a2da0b7322ea84638a82e4df13045a584b11a0bc5beb90c018e9d5fecd323bc73cb35e2c322804ddd74ab0e4967bb84a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R54TGSS0\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
| MD5 | de8b7431b74642e830af4d4f4b513ec9 |
| SHA1 | f549f1fe8a0b86ef3fbdcb8d508440aff84c385c |
| SHA256 | 3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a |
| SHA512 | 57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F0O117Z\KFOmCnqEu92Fr1Mu4mxM[1].woff
| MD5 | bafb105baeb22d965c70fe52ba6b49d9 |
| SHA1 | 934014cc9bbe5883542be756b3146c05844b254f |
| SHA256 | 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed |
| SHA512 | 85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F0O117Z\www-embed-player[1].js
| MD5 | 8940a491297381a0ce25360e21b39bb5 |
| SHA1 | 43d7a4157e78777fc024415969c3a7bd550a4322 |
| SHA256 | afc766cb1c4a339c40d24ad926f05e8b4927eed7532b876291d0bd19adc9cf3e |
| SHA512 | 5772d7e7485db888676e69cbaf4c88af01872997338bc61e8e0344d5dba208c2909e167d54d8edcb782e17d1a2b4e9dba955baeb0ad0e43ba932b3bf25ae7dde |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F0O117Z\base[1].js
| MD5 | cb463df0a090cdfabc77af2691141830 |
| SHA1 | e3dde6a1f5c4803e69839154013496a781137473 |
| SHA256 | e09e2e8a3cfbcc88eea12d0b17161e1f2c8c75f1bb21100829c09f9858db3f24 |
| SHA512 | 099374f7b03a4635390b94525105884fa101d93a583eed0d92def7d2de3199d2bd57fc63d885e8e9af0863db40cf521d2fb770eb09400a4c6285f7c37ad88e8c |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FY3LN490\ad_status[1].js
| MD5 | 1fa71744db23d0f8df9cce6719defcb7 |
| SHA1 | e4be9b7136697942a036f97cf26ebaf703ad2067 |
| SHA256 | eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 |
| SHA512 | 17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 648661ba013a7a010fcc8d6336c7133c |
| SHA1 | 45bfa0de91c3af977074bb99350f926d816f3410 |
| SHA256 | 8e3cc288c2ab8981cb9f52aea6517daaddd125cc99786d1bf470a3a85779fa2c |
| SHA512 | 2ed2b8e4857fe08382099a1caf9f14bf40424c1a044fa3071756b0b365a06388909f25000a37ca018248138b80802ffe5619829b8e74eae30175333084fa8ffb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F0O117Z\embed[1].js
| MD5 | 14d69fc9da4a63c8ad5013b3d3781842 |
| SHA1 | e0272f8403d95fd27df22dff5fc014e2ab5d8a3d |
| SHA256 | e2a5632fec9da56d272ccdea5ecfa7000dc70659673c52a11966802e37a2140e |
| SHA512 | 0f85c67ae8969570f6cfa4d265013da7d4820ea11349b11b886d480d7d78df5c6aa1e7484724d6b21421db18678d22bae6d478d3d0e35506673fd609805d1976 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | c7db7015a1356ee33d1d0f8ff9a9d64d |
| SHA1 | 3b0b809fafb1c973b9d70bff6513b70e0e7f05f8 |
| SHA256 | 58d13943d1b09dc0f67398ebcc001f97ae674eaa61e627dce3ac4d0f2d1d6705 |
| SHA512 | c3677bcfe94fd9357f4c0ab5a1eb6028cd0319de2875d10deaf56afc0aec6c156b71b435410dca36b51867d3dc5fcb4c1dd6de7df8b1292030d7f4322eeae9de |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6F0O117Z\j85XBmD3K-auBXRuR4gFy-YbXrRwDWE2e6ZsFqyJZWU[1].js
| MD5 | c31f785afed7c3bd94e48286a26482ad |
| SHA1 | f66156197cf74e58d6e0a327e8a1e6503fe63374 |
| SHA256 | 8fce570660f72be6ae05746e478805cbe61b5eb4700d61367ba66c16ac896565 |
| SHA512 | 8932b515493774d5587a01fe6d3fd08c404fdb694219898ee32a44ef00cd8773ceec0f46af1fb2834211a64a7eb698ed6d1ee7edbf70e80593997ce65113a6a7 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | c2247b1663f498724a1900f51d06bd30 |
| SHA1 | 0bbff333a9fb5736c734611a4f36c3965b6b0c10 |
| SHA256 | 313e3c3103a56a99a3a7aca609aff3a26c9cee89e3374883d37f4ae1890ce94d |
| SHA512 | dd06b7998d970e9c78744dfc38302382249fb98a113c3286bede382caabe538ebe79ef4556fc7975df75088e2a1dca1a5667b973b174c2ba15fa3bae2f81d0ce |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 2ecf490fb2b9b71cff4aa958b1e22bcf |
| SHA1 | 340212d850456d8fb5074fd4688f01d2f6e22ed6 |
| SHA256 | 8fea6851f6ead262b8c521e1247ef090de0a592231c00f70c66106f7e501953d |
| SHA512 | 2c3cfd646e97e4332138994db20e26468cec52c2b29caefb8be718bf2b6dda81d1309c3f6a5d5c02655d064ea781f7b9fe177efd190b92ded37d6dcadbf942d6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 2702dae49b25751a142701d82bfc6728 |
| SHA1 | d7e1fe9a402e6d4e310e2f3a76a57897b45f815d |
| SHA256 | 28c5c70229ec580b4221c23e3a73d340b719f846c6371af59e0e51fd03455e6d |
| SHA512 | 8fdc4cfd4a0a58aed25bf1afeed240d680773b98002040f3c11aed2dd77a2a6df470ecf732440caceeab87124575b4f9dd5cb3800083519f6f7b6d544fae15a2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 63b4e6b8113f43b76e492c48b136d7f1 |
| SHA1 | b1f9a97cc07ca66304eaf4effc9ea6d979c347e0 |
| SHA256 | 1ce364705f839c027c4e5154654029bca4e656938bc4c6e5658eb17137c88284 |
| SHA512 | 9903327be9053dd88f8e4324f4ce57dfa5a45071db45de6825169065abcc6bfaa74a122787f7be5957c9cc7933cdfbe6e9ea1cb7ef647e6ab70730fbbbffd6cd |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R54TGSS0\remote[1].js
| MD5 | 122e83be4335ed0b6b270ff458ce45fc |
| SHA1 | 4cb88bf4d9efe3759b45d01dbdf258ab8b4147e1 |
| SHA256 | 13bace7cd8fc970632b82a7f1614ffff8f8f9f8dee7d5072d633c4ad5f7cadc5 |
| SHA512 | 188863a2f4c41b81179f8039874f989163a3c61ad4a6d766dc86aacac71f80add476682b6686f8c95f6be031ad78bf5767ca48544aa64ffd303f522888b558aa |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 3c7b9d4e31fdc93b540bb9f1c0cbc11e |
| SHA1 | 5c3b7a1660417b4b97353c9b8dfd57ebdf142f34 |
| SHA256 | d3cc5395ae7da9ea510c3a01e5427c348e4d1f0fb761e63eabedf4203c7c9d66 |
| SHA512 | af83aed3bd675ee970367eeb3ba31fe664f24095f71df40234ff636c41a209144f3c7097d6adbe9d5d93bbcbc2ea8131a7a857c659f37b870522e9af334bf0c1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | 8050924c16d32da0480bff904675d58f |
| SHA1 | d9c83d3736ce749b49dd8a9ba05777bc8b6734bd |
| SHA256 | 48f738dc22a110d0d2cebd7de61611ca110d9991c8f79f79afacf6e48de05440 |
| SHA512 | a73af3f060e6a242023caaf9619d6c3c24a75f1c2e04161d136937d7ae2cd47aa4d981e539dd7092c3c2b54de3a2c26a98a7b7cf19ba8642b781f0d82a384f4c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
| MD5 | e43f858477d8fdaebe458cdff2ca234b |
| SHA1 | caf77669d15e27b3cc9f0188cfe0bd70e973d4d4 |
| SHA256 | 7f5c7555b2c666cb3e782f982f8cffc07780a5710c3e1520a0381155d3b94c95 |
| SHA512 | b436f67b9c4313fa4ad35d09909e6be5b921251e5d95d3417cd50a5797bb5a1ac4c9bd1cc6d906081b2f5de4d99821f80b8f7a2e21af194196256f150fdbc268 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\8AQX73FX\www.youtube[1].xml
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 03:35
Reported
2024-06-13 03:37
Platform
win10v2004-20240508-en
Max time kernel
145s
Max time network
125s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a3b0ee24cf18fa451dbdba7ecd9147fc_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff956ee46f8,0x7ff956ee4708,0x7ff956ee4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,15355166010087575694,631101629007011509,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2648 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_3636_LASRQUDSXFIUTOUL
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT