Analysis Overview
SHA256
aed6f63e3522c2301815cdf29e896a6933164f9d9da2846fca0faab91da3e5b8
Threat Level: No (potentially) malicious behavior was detected
The file a39ac2aa2ecc732b55160d9aeacf49a0_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 02:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 02:58
Reported
2024-06-13 03:00
Platform
win7-20231129-en
Max time kernel
147s
Max time network
148s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{C3496981-2930-11EF-8A73-D2C28B9FE739} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3dc241a2db915429c1ba1a5afa679d200000000020000000000106600000001000020000000032f2bfbf345aecce4c1638df9ebaa93a91f64c7cf8415d6b8fdbc9e7eb5b9bb000000000e800000000200002000000091189151aa62d06481a2135eb332622b655336060d0543c10322ea9fdaf5b47f900000001c5c9cfa11f3b77ba7a0afd6b02afe7db2fbf4ea29fab0bf622d4ffffb515c13a551de7e135cd20e69aa7704e6978c35b70152d4f8be4e5b4252f76200ebb26d291af9fe4dab91a5f58c915b9f76797f3e39cadb422d818eb49fffda4f567dccb89aaeda924ce8652b4e49e328992bb9850c0ceb17d93d294da8b1c6eef9009a5a7d7f11b29233b25aa4a1416a0196754000000009db678971eaa5927b2f93df9c8a6ab2288da12b9689c91144a47cddd54791b9c2cb9bdbbe3bbe3fc10afdd046e29f9fdb86c11bf9d0eb136d85b8a06f0408e3 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b3dc241a2db915429c1ba1a5afa679d2000000000200000000001066000000010000200000004eb8fed7c2c44d854adbeacdd8a3f5cb0255fb129fe483097189004bc64f3896000000000e8000000002000020000000445bddd8116b96e2633afa587b563969d000c561bcc0343ade53afc243db1b1320000000176c2b513eeb502569af0bb83c8c9f3061ab964a9159d440fd8d39aa3c0dcb0840000000a04db5c4f7fb97f2c4e9e40576606f3bc516056de84b946c6de65468b5ce46e68cdb18712457d7c3b714e789afc05f6f30b70adf28644ec3a002fd4ac65cb759 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0170a9d3dbdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424409366" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3028 wrote to memory of 2032 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 3028 wrote to memory of 2032 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 3028 wrote to memory of 2032 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 3028 wrote to memory of 2032 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39ac2aa2ecc732b55160d9aeacf49a0_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | pixxur.com | udp |
| US | 8.8.8.8:53 | www.videoporno-gratis.net | udp |
| US | 8.8.8.8:53 | widgets.hubtraffic.com | udp |
| US | 8.8.8.8:53 | cdn.popcash.net | udp |
| US | 8.8.8.8:53 | syndication.exoclick.com | udp |
| NL | 95.211.229.245:80 | syndication.exoclick.com | tcp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| GB | 143.244.38.136:80 | cdn.popcash.net | tcp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| NL | 95.211.229.245:80 | syndication.exoclick.com | tcp |
| GB | 64.210.156.22:80 | widgets.hubtraffic.com | tcp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| GB | 143.244.38.136:80 | cdn.popcash.net | tcp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| GB | 64.210.156.22:80 | widgets.hubtraffic.com | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| GB | 64.210.156.22:443 | widgets.hubtraffic.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| US | 8.8.8.8:53 | qltuh.bellatrixmeissa.com | udp |
| US | 172.67.218.75:443 | qltuh.bellatrixmeissa.com | tcp |
| US | 172.67.218.75:443 | qltuh.bellatrixmeissa.com | tcp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 172.67.218.75:443 | qltuh.bellatrixmeissa.com | tcp |
| US | 8.8.8.8:53 | qltuh.check-tl-ver-36-1.com | udp |
| US | 8.8.8.8:53 | qltuh.check-tl-ver-85-1.com | udp |
| US | 172.67.142.122:443 | qltuh.check-tl-ver-36-1.com | tcp |
| US | 172.67.142.122:443 | qltuh.check-tl-ver-36-1.com | tcp |
| US | 172.67.221.186:443 | qltuh.check-tl-ver-85-1.com | tcp |
| US | 172.67.221.186:443 | qltuh.check-tl-ver-85-1.com | tcp |
| US | 8.8.8.8:53 | dcba.popcash.net | udp |
| US | 18.207.37.195:443 | dcba.popcash.net | tcp |
| US | 18.207.37.195:443 | dcba.popcash.net | tcp |
| US | 8.8.8.8:53 | www.cam4.com | udp |
| NL | 185.94.239.81:443 | www.cam4.com | tcp |
| NL | 185.94.239.81:443 | www.cam4.com | tcp |
| NL | 185.94.239.81:443 | www.cam4.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 64.46.118.23:443 | www.videoporno-gratis.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| BE | 108.177.15.157:443 | stats.g.doubleclick.net | tcp |
| BE | 108.177.15.157:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | snapshots.xcdnpro.com | udp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| GB | 64.210.156.22:443 | snapshots.xcdnpro.com | tcp |
| NL | 23.62.61.97:80 | www.bing.com | tcp |
| NL | 23.62.61.97:80 | www.bing.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JVCWHMT\98372-300x250[1].htm
| MD5 | bd2695f4b079c71dbddde3436286fb9c |
| SHA1 | 733c05da132193d6cf1d8e242d12e2525c03bab4 |
| SHA256 | 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b |
| SHA512 | 5b73af24d095f7593026d3f211da6775d91c2efb5cdb0e0258ccca8edd3f8645cdf80d8338c863794d260f4bca08637233be3548d83e7225518dee2f47560798 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YW4LOOUK\space-robot[2].htm
| MD5 | 01041709ecf6a3f0b549820730593c03 |
| SHA1 | 55775e4279d24a34f601bf8180d9f280b8131e0d |
| SHA256 | 51907b3319c05ec1c1a7466f4017f4dcc7b6dc59a29ed962bfd36572f223bb51 |
| SHA512 | 70225e01be14f7c73cc4cebac8759fcec92f024d6972a6cbe30cbf7e5f01fe1d4658c077fbeefce5a47f082ee6eb60a61b44f48ff9a71cb817e4d9d111cc00d8 |
C:\Users\Admin\AppData\Local\Temp\Tar1BEF.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 55ba44b8badd53a683a9546ed8f02685 |
| SHA1 | 4f991ebc7a350d380a290543ffeba20db3fe3291 |
| SHA256 | 62e971602b483da413e43e2f8b8d7d8540449e180240bf9d4ad78715b208ed5f |
| SHA512 | ed76dde05b1543fb5fb480eb8a26931a9f4c728e73e7f231bc122efbd4c86706ec88570dfe44acecaca669d5fb101f34c598e72e97ae159fca3256a43d204014 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 50ac6f07f28b0963ef3ed8169936cf51 |
| SHA1 | de93c8d2e64b831a084a4bcfb3c00382e6f24a50 |
| SHA256 | a68b894c9dfc82fdbb4b88d3e1ebf1daa023d9136fe414dda73fd2090185fe93 |
| SHA512 | 93f74a7e7b26473dfb7ff3ba87597886dec834f9e8d4b735d64a1b0b84d2e022c45391fa45b2770d2727fbd0d38f2d94cb656edebe88f26b01606d2cacf5f158 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4d3181adbea4fc4ab35d6d58cfe02a0c |
| SHA1 | 956b3e3caa6293c9fca71ae43043574c0dc297ed |
| SHA256 | aad6b34130c0625f6373b25d47dd3012cef63bc92283774ad738c425eebb54b3 |
| SHA512 | 6460fc9e8bf9d93d3080933a49659206023fae798cc586117e9ad6f341085d11056239c74e9aff49b0469c110a8016754595c7c133c19d5c96b3d030e510b2be |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1a54e2457d97e7f70bfb7be2bf8da589 |
| SHA1 | d76442a98f511c9e121d5b60ba00a7a581d9ad26 |
| SHA256 | b1c07babbf3bd9461cdc804f369ff19db83061d3c700491582e96271421bd2a6 |
| SHA512 | c13f939a691822fbd66bd75c059cf619ad51ef08495ae2ae0a4d07a96ca7e4c8b0be1191a63648504fb6f7dfa3d546d31a3bb257dd60c72946c5890229a47a82 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2832de5bb8de1680135550893915fb59 |
| SHA1 | 00933abd27083b04a967c11f3f3723774572800b |
| SHA256 | 2605144c8b867a412a15ee01f8141426b3d2fdee87eda1666233ae8753b06acb |
| SHA512 | 43bed2a57084dcf60f8a27399a8e8b103f054354bee277d9297e9e8498bbf5e8cd685da7a6bfed563b5de8cbad087ef949e90d4a2739e9967eb3f66a14c543b8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6caba8bff1ad98dae8b38e39c81bc78b |
| SHA1 | 8e2ff957b119adc678ba88f51d131f1fc63e44f3 |
| SHA256 | fb503d8e8df9ce66bbf2baa4d7b07aa95489075bd339411e4ef1a9d0c751769f |
| SHA512 | e10f2e1c5296920c8d697d88d8cb250e4f7a5146ab86b72458ff9362cc7668c5a7e1340cab9889c797ffa6ef30304caa50e08b3f6d79b7b5ed2b060e9a04ed77 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4ae308ea89effe95b615ffe9863cba07 |
| SHA1 | 622113577891bfb822d9c62b09681f0a8a4e8c65 |
| SHA256 | 071e6525649d312d5bd7586eba5154a5074f6b4f96d13c94dc51f8a318df1d58 |
| SHA512 | 7681fa483266cc81fa641b7873435e418f9d5c20384f6560a5c6a6a308321c63f686683ea8d34a2218c900e4d0029665558303d0365a63535898831bcda5e511 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | c5dfb849ca051355ee2dba1ac33eb028 |
| SHA1 | d69b561148f01c77c54578c10926df5b856976ad |
| SHA256 | cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b |
| SHA512 | 88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | da692299265bd8767481672515d16581 |
| SHA1 | 2b5eaf29ca83b0efef46b7b474ef4d3be4fdd66f |
| SHA256 | 40b84d20c1610d94a5401bcf5f0958fcac29668d258452778bca0fbff85f762f |
| SHA512 | a8780654f6c338e73fbd3b41df40fbec283c07852c4007b815d0b1481be47ee21ae23978dc97bb23ca915d590822ea7ae350a8d93219750108698fc11077cde5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | 886ac4d095caeee0fce1fc8d872a14c9 |
| SHA1 | 99545b03dd938496daf3083d0f85b3ad64b40166 |
| SHA256 | fd1822dfe898bf84c0364dada0c8ffe18504110d1614ab79769aecaead43b5cc |
| SHA512 | ec50863d5d9738ac3f858833afd8694e156b3ac6a8ccadfebfbbd528a5f3a9824c0b26ec35e680369a97ac57d0179e899a100164b7926d729fc8e51520a87d1e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 24f362f62a7446ae0da19f4af7eed41a |
| SHA1 | 209b1b248fa0845e7baad24c97a457216e394a4f |
| SHA256 | e39047eed2fef9b60c0557d90a773b9735971a9c7173d98f405b0e65e89e3ce6 |
| SHA512 | 6081c0231516dd7af1a5c360cf0ec69b510f1985a25b15b2ccbd467d9a17c1553a529c09e94da19a820dd1ff23ec136a8a9e47b23fc57a0b767ec80093b7c758 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 08447296df8240449b8c8bdd5c51c628 |
| SHA1 | 38490ed055ba70117a1a71b28e908bb966313566 |
| SHA256 | 67322f48c629bbf74e3bc6bd896561da595ccda9ed61653373408006e3f40d08 |
| SHA512 | 57a2ffa2d3d6f6db31e29c5021a39673bcedc00f75977bc74740883b5c2d4d2d2a1f5563e1a6edd9e76a881834cf6ae017f6c976ebbca9ac63d64391aad01e4f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2d31871d46dcb91820a281455cd96734 |
| SHA1 | 35b1847a558c780fca5b34321d0d8e983f51ee8e |
| SHA256 | 199c0bde88002c72957468e827b94f68ad621d8b07b236fe60f719a1ef215974 |
| SHA512 | fad9f50e09dcac8802c967b5960b3a9e04395a3e6db0e9ae476a6317d5e2261a24195b65e6e5bf0b67da968abfe1535292ed25f60eac01c4592c0b735f70c9e1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 59b2dd1bac39b5890721e01f27379909 |
| SHA1 | 2b6342e33661a0d8ddc0b53bc5476b018c577827 |
| SHA256 | ea627e89e1d1e946258981655a6159c8b0225a571e549d072d94983129fbf0f1 |
| SHA512 | 0b0dad1aa5b4211468bdb45d78751cbbc66badcea56acbf2c5d3b94918795e773342cceeae1b82204ece577e2da14715a198e04978a08fe75f0324e9ff7c7d96 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9d5dceebb1d8fbb9bdba0b18408080c0 |
| SHA1 | 7ee501272784d5b5a0fc21f7181ec245024cc988 |
| SHA256 | 6cae22f97f07751e07666488dcd2613d0acd54ccd936b0a896c31275cbebd924 |
| SHA512 | 72e21e224d0d12e16424ded7c767a4917881aaab9fdc1619e7e140374eca30818c0736b0c30487eb5463fc50b14b74ec50af679db56018c311396040fe40eff9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7543f80050e1526185c3d0e130ef80fd |
| SHA1 | 8d69570357a0ca3a80c5d4942bf2cce96a2f2383 |
| SHA256 | f2fef85462e3097eb6e77a5ec0f45515bfae4ae5ac16ff17db417a9b62343b76 |
| SHA512 | 6a06467c034defd3ea839dd1ad786545251ec2a05f4d5fc59c61e5034019d309245149f2015ddd26e704f42b3064c341ed9d1c50128d16b15d7ead9d34d39aa8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a1f0d78d18017eb65555a3a94c53bd09 |
| SHA1 | 39c392d6a33c898cb03b6f7bfaaa4398b5f32138 |
| SHA256 | e42fd0cce11534a20b0b692bda346c78eedaa6b4b560f13da9edbc71add7c878 |
| SHA512 | 2ae05c5a58b611cbab23d76d8912102249643e7f19ac78df178bf81127a95e08e7ad0fa3dc26cac9733d92a3041d4ec382eebf7b48691f2732576dae1463db53 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ef9ee32fec09015edff331470115a500 |
| SHA1 | 81c9dd81bcc3c3c89dfefa86aca5f4c63217dc35 |
| SHA256 | 0c7ed322d718f8639c662390e298d80eb25569ce5135cff36ec55fc5dc8c8cb9 |
| SHA512 | 00d4554353dbfc8264a20cf5a7ac43fe76e58f0392fe9fa75e506e6507ae95b8a567dff0be341cd8ea52a28398533972a9f541fadd4d02fc777a8c0622bffef8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | da0b8a8c9dc9b0a207d63a88fe4a457e |
| SHA1 | 12132b58db2ea3b0572e6f992516871a7c9c7123 |
| SHA256 | 30eb2b7ed7a77356a5f794fbbf62952c843aad04f9c5c24941cbd19b9ec24040 |
| SHA512 | 48e8305fa82ed1a5d5e8c4caba3730df888567f0d724afdfe0dbb27eaf13a029b8182f6e676bfa4599d8a9ce28454bfd334add2e49efce10f747fa975891ecf6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 29c1645d3804ec37dca946f02a4950e7 |
| SHA1 | 1f54a6f3952299f9d4666477a532c8cf4042e0ba |
| SHA256 | f3d887d2e25f54e255f80944f6000c78a9c974a107b6cf8b7a4bdb499f64116e |
| SHA512 | 034ba782c78998882b83cb5136043199c7511c28ea5674af89c07da9f187180407f0773526842fac162240c6b7e686666b44f72f1dcd5800082b587b142332f3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d85ae57c040c97a71a0499d8e18aa4e3 |
| SHA1 | c45d6caf2b1f6a0109a4dc3fc6f24410daac019c |
| SHA256 | 5fda36b8673afe040fdbdd2285441c1a8b18d4cdf81776bced0b1b50b2a485f6 |
| SHA512 | 9c876e198005a527458a62c6834ccce98198ae6e2118652b99732829c529fa7ce2a47809ae5771d0c772ba75db890d013e465828e87243441f587e4a4572f64a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7ef5bb76c37a733aab016edaf81d2f83 |
| SHA1 | 0c58f55f1f5f8a4f1213935cfe0282f5198af142 |
| SHA256 | bce3dce745bd807389684e6cf3a9a132e8374b0adb29218e22c6d1023bdef4d7 |
| SHA512 | 295a7e113649db46cb94929fb4212ec7d526ad5e5e81be01b7890d5ee4d427ee41c15465b304754ea869218e803f4bf4d81278144b5b04e4cfa15e112c93d653 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 09849d0b631ffa5a3abdaee88d0df2ce |
| SHA1 | 3f8f554cb8b1b887c0477dcf77dba300b0ffcbdc |
| SHA256 | 820f276f14860f571fd97d40029a270f5c753b60a8aceae237cab7b435413ac9 |
| SHA512 | 08195e89a8d8534828f315e93dc144ec468cd3db0a7b93c45b65ffdf2476d5a1007ad2a72d8352eacac69dd84ab94896bce1f7e0f63ceeecd314c2ce58c68201 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f43da35b4cea9164dc1767bc51097886 |
| SHA1 | 1c0b71ba9fea5313beecad8387abb76df98be2e9 |
| SHA256 | 31db2fe211241563ee223e4a3ddf9a4de0fcc6be273cd444a432b6b13b31e9be |
| SHA512 | 4cbe11c19c0a66fd1448519df8daf2008a614fdf746f4c496f0d03023dfe29342b6e5908bfa0604c3ae438c916a2d8dcd5d64bac23ec04bda1704bee9983c24f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 506214417b54e39d1a520399ec3ad3d0 |
| SHA1 | 48639572439ade050eed2dc1de62e5dbb16e746b |
| SHA256 | b909f98da95a6ab6cba43b050dd28df41f8ddea73fb363d1b17ca2130eaeb45c |
| SHA512 | 42e02d4b852d869146cfe48773a72af7e80827caa5f46f9728a16829d56daffc1f702b5c0b2914a6dd44c1f94694a7a9be404c592826f9bb83385282ffa1d96c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 49dce5ea4ef6e7d96f41fe5b18a977f3 |
| SHA1 | 66138aed53483de645f9565ae97eb2702815499b |
| SHA256 | 75b63dee381be97fc9093659e732579e4160c0ee6d3ba664882c16684a43977a |
| SHA512 | acccdb07d9276a06dfbd8f635324817a1926acb93ff9058de035be9738567e4cc2ee57ef51acfa94aa465a8be4e6e600dcadaaeb513c3e10b13c7efa2951ead8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 88faa7658fd6a38e7ac64db0939bb1f1 |
| SHA1 | 675853ffa356c2b7c93ae2f3ffad69297ade6c5a |
| SHA256 | 255da427e0de553c69425049fae37216b7962ebb225a1d5b53f642794d17b790 |
| SHA512 | d9691c8995e9ffb22c584d0c3c3a779d381b1a41d27b8d1deb35c7f0f98e15d6db858f70f474d03fca1d3da8fde66a8e542a709dca45fbcf95cd82dc049b65fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 95944063c3532476c8819e361817d177 |
| SHA1 | 47e854d8ea7d9b75a8b59b648b3c2ff39112d6c0 |
| SHA256 | 2ea50369b1ad76ce3dfc7c0e2dbf335d2453fb20d85f20312f332d95667422cb |
| SHA512 | ee09df2b7da4c8813fad673b8c260482bbea05b4ccf5934cc27a389aa6fe4a160c2ff839ebe6a759fa352e09c1bd9985fa748ed3fc3b219ec08884c0e5a2fedb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b6efd40cb8e4f46498b9b3529dd17b67 |
| SHA1 | faa11f80d8ab43f7fcb8ed1ca08d7302c177aa60 |
| SHA256 | 959eaff59b77f9218a4dcb7c5c7f9e7c1e5bb8d7196cb9610cce062fd319135c |
| SHA512 | 228c99307bd592f169f5fd82675c3a779f6409b7311b1f89fb4afa3594d19bda0821ebaafd1b3d3cca2ce217cf3bc8c4927445bb92d29516db75ddce1987324b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ccbf9b5d022511b039e2824aed2d1d32 |
| SHA1 | 975b79b3eb2635d185b1f2af013fe6bc81f43eb6 |
| SHA256 | c7644508635bae3d79e581d5840f457763f668dfed37c82c05aa849adbaad0d0 |
| SHA512 | 9bd9a185661cfa29b0bd90882fc2ef07a0a9656e186268abd783eed55e33cf568741d865859d5998c04db0d4c086e82fbe9208a669a6ad0790803bc5016a014c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9264a0edc3923bdd65e50b0c9f5fcc98 |
| SHA1 | da43b0efb1d3567f5d40d6c4a5e616f9f0726477 |
| SHA256 | ac4ac7f69bf0e8be4d2e3632433e0fb958a47fcd8e5702314cbd20b5222c44ef |
| SHA512 | 8a6b5e6b5714640afacc32afe55163fc6a0543f05d630aceb17180636df0064255c545e7835f7c3105b125e019f7543bb9433b0916f932be7e5348466b3f02e4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0adb58f137c8811858cf54b6304df233 |
| SHA1 | 54f9ad9275ef4c5ffb13c56b2f3bd9270e937366 |
| SHA256 | a341249b3226edddd4237b32b88f96723a10edc848c2dda10e7f2e5f9f425fcc |
| SHA512 | 67e811d87e9c858dc64d3b4e14ef208bd6b240192b50e8e048a10645f9835a77d938353a875a59aa79ac8bb228cd85827f294ef7ca5a354d4f4c6b3a64a00ca6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4f9be2d3acf01405299efbd44807a41d |
| SHA1 | c3fc19bbf3df1b29303c0eb494a77af8b7b8c253 |
| SHA256 | bb3f49a978db6a71daf80754747f7ab2d9d93f9c0f240e2fe7726cdac80acab8 |
| SHA512 | 81fa02da46e23929aa8cd8c0f8a1d01cc63f3bb287653974aec1bd5c68e6cc61138e603162bb73b82bd797e70ec9a7e7c9273f9ed57e81dee0b663d8565d6ae4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 455c841d782b1c0edff40f0dc9dbc3a4 |
| SHA1 | b76a89b8abc1110a29923917b99729760fbdd240 |
| SHA256 | 2210541a573e988b66cd1efb86a1587ea748e25a25c5a30cd2fcfb17482fefd4 |
| SHA512 | 47889ba7f28f9ddbcc936dc213822276390787a050fa780707e4c4c762f3ac588a76b9e9d99f29a5883c6225f70f4ccd1709b9e44f3fb69f13b3b3fb8564db57 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 055cd6571e8def2cb2ac5efc314c1140 |
| SHA1 | 145a7a343114e5b6bd3c25a17542c661c350ac6b |
| SHA256 | ab307c7a91474b3cddf4290b32389ef2b737b1d07c55c22a880d0b294d02c2d6 |
| SHA512 | ffd68a2c6e486f51953ea550d6ab8090c5b4da31c8ef077c1b92c492d182c9f1c2f8b4fa3e0e1cf529c2f09022df1b5e82934d60d13313f99b91b49d5faad8a8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1452738d72ed80f1df4c4522bdf5e068 |
| SHA1 | 1ee73d94cc79bb6d6c7cd1b3196bfac93f8a70c4 |
| SHA256 | 976d16784a91220ad0fe68274990b5e93a93b359c4ee0fca7f66eeda03638602 |
| SHA512 | 012c1dbe1e521c07736778fa0e71e4896f5e67c13c923f352a87db7ee37e4b1542a229a5d447052ee742f0956d21dc1862bf79973a04cd372ecc0aba21de6d3c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bc9a157121df57d59ad72718552da950 |
| SHA1 | 67103b72d0580e738dd3f71a40252060d4d70a41 |
| SHA256 | eb3099d4bb08d4bc73b92b94b172884b324902f2f14f9c52d382b8c9a8e4ba8e |
| SHA512 | 230ae4e91ac1b87b2e6af82bc261952c820949a55fbcbca73581ec27646475c93bd8e83fb8263ea36fc2472d7a80d5f130e2fe4e104aabef9b41cfc43114569f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | afbbd0a88b9b424d4f84282aad2fec11 |
| SHA1 | 59c8f7296314003f39634df7268964b0f20f21a7 |
| SHA256 | 66cb6522c018ddf0c65fe7d631d8ca45225f64df8904c38928d96354dd590436 |
| SHA512 | 7c6815f148c6ee2f82c28c841d7ff355102c23cd0e6cc744adf5afba7da1982653d8ea7b481c6bea88ff1051abaf3dc0712c48196c59ddfd8137c5c133b44e03 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2c0e45ef3f04cebe5b46358308742ee6 |
| SHA1 | cdb72b39086033f89a3d9b177f8c8c32a6f684b3 |
| SHA256 | f376bcc5d0dfe29dfcd776111ed9c1cea39a911ff0210d00bc5fe91466d8989c |
| SHA512 | bad4b67b717480b78dac5273a42f740bcc808e4ab681246b5290c51d978fbbe5bf1e3eaca468809234656c2754000cfc38eb4b3869e8dccc26f00e87b293ef07 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bc9ad7150038d4e3b29dfd5e8a0f05da |
| SHA1 | 8473f3f028cbb57542fe42f493df536e706b3aa6 |
| SHA256 | faca5e19ee05a205925596bcbd68f730aea1cb9eac7af0307ce3a75b9e913040 |
| SHA512 | 7cf0bee75d58c6d92bbe40c37ceb3c75a69766994c0c16f92f314a4bcfabbb2c743a53254b9e7f6e4418a856da51fc55be351ea361f564610cdf374486dd3090 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0c6bcaf482c3c26cea5718885910f21b |
| SHA1 | b48817d3e4e3ff472c6912175a44d0a648c279ea |
| SHA256 | 2856ae3a339577b64bb06334c6f3fe4ed0416a87d34eb2a2bb931f1485c60d1e |
| SHA512 | 1f0aadca5cda45bf18688e58acc10df0b23f7ad5f0183f44830f99030d30c52877e68f90bfa22aab632950bb6a2759b73ef69e7eede05676c83b835e45398b8a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 83974502b6c7a57355b695de3628faed |
| SHA1 | fb5137d88896a18abe5ff95e74cd46b8eb6c84e0 |
| SHA256 | 7e3673e44b1428b323c13d2145fb62a9daf89f5e3707f8f781d154b180fa2d61 |
| SHA512 | 1743ecd39bf7d89c90b331448db79844af451137a955e60ea9a4cd615f80a4846bbdb050603fdf21790da4f02a6f852b486247231177dab23566d78e1e421834 |
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
| MD5 | da597791be3b6e732f0bc8b20e38ee62 |
| SHA1 | 1125c45d285c360542027d7554a5c442288974de |
| SHA256 | 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07 |
| SHA512 | d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e964bef19ec7dc2049249543bd2477ee |
| SHA1 | c9c071e1a7043c3d906b4dd1e7741467e37fffb7 |
| SHA256 | 96658f0a3b69d055a85035dc71e7f5603c6bff485b351748548fa8f9364d9622 |
| SHA512 | f1a5f3f429b510772233eef81c6e19fc284cbcffaa02a4006590145854a015132b40f7b20864cd402fa1a5b94e4ef9ef91f20b2b1e0da652117a4fa5ca00fb87 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f566c341837a3cd5d94d7e3781d09872 |
| SHA1 | ee1f0800a0fe742808965dc6e374f3934f196430 |
| SHA256 | 81a3f56608d67c8645ff0a74404c02961f7b4515418833fa432ae1a486ddb35a |
| SHA512 | 9d2bbdecb8be3de43c7596f97740929e740406c64a3dce869ec0a9c8c887e0ad6fc10ca9d59bac1959bed10f68d3429f5d71e7069f995545d76947cdadd1448b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 72b907291a6601496d6c35f899f0be00 |
| SHA1 | 350f9abcd88509c36932d87233e7e800bdb04db4 |
| SHA256 | 3b07a2d419b9479d77cc999d585f770949157916fddd8d786eb7b0d6a9cf4905 |
| SHA512 | a32c36aec133e8b0bf47ea7e67583bd86f5155ee757dad8b0ed6c7954c5ddcd937ecb1b7da3de05967b3dee000d4e6438d3bf4efa243aab8037a22d1ba9d5dd6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 20506f0deb400636a149bad72891e881 |
| SHA1 | ef63568895b2c63e083117e44eb2f8a4fcae7d2e |
| SHA256 | 53e0fee98214171a0cdaa2c9294ed73dc9b9360a7bd291ddf644923d9b4b4ba2 |
| SHA512 | 4f47b7f66b946b1adaecd82385c79cb0fdd057d8b273a807010fa0ca61927edf2d41b053e2596cd19486a859470ac76efe6d8bf2ca4a877331e21af7eb67e3c0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | da84843114240f534e0a32acb37d217a |
| SHA1 | fc54eb90763b193d2dce9186622536796f4fe9e3 |
| SHA256 | 4e696a9416e3f104a95d6e25b10babdbd750adc37db431698759762108007c2a |
| SHA512 | 20216846c1eec36253fc9946dc94e13eef084346c65fa9d9da4687329b73541485a72d6d497c307e33740031624feae5c58e3fd5ec97ae9f41568bfb4c7c7266 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d778bb106cac940f711bfcf467ec4c5b |
| SHA1 | 38e77e2c2b3aaba5ef07b459371cfede28839d62 |
| SHA256 | b393eb8bfde2e62bdd43b5b5583832b6b78327cd4148b1991dc2723502c845e2 |
| SHA512 | 055afc4872a39da0f23ed78fed6e76b0ec14469fcda9711bd0e2d630df6f718c62c10bc57adf8c823db69a39622619e6dc8bd50e4418b9afa6a369981cbfb582 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 47001dbfb7643f6e3e48ec90b78af222 |
| SHA1 | 680d4e49e108ab5e8a34aeee6c04c8a19f8f0619 |
| SHA256 | 58ff3879cd07b325b17e562da81d3f2f029b331e64c5e78ea87cb7a5a5d240b7 |
| SHA512 | dc2ee06017416376b3a1749cad4c559861b5aba0913165925a2353b606d53b2723cc6bcf01b521054dcaca11ec32c1b82edcacf2d16afc8bc93b4cfc4ee18f50 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 02:58
Reported
2024-06-13 03:00
Platform
win10v2004-20240611-en
Max time kernel
129s
Max time network
140s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a39ac2aa2ecc732b55160d9aeacf49a0_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4144,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=3812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4352,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=4972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=4776,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=5320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5472,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=5484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5488,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=5560 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5300,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5500,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=6156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5664,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=5568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3680,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=5700 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | www.videoporno-gratis.net | udp |
| US | 8.8.8.8:53 | www.videoporno-gratis.net | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| US | 8.8.8.8:53 | pixxur.com | udp |
| US | 8.8.8.8:53 | pixxur.com | udp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| DE | 142.132.202.70:80 | pixxur.com | tcp |
| GB | 216.58.213.14:445 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| SE | 184.31.15.40:443 | bzib.nelreports.net | tcp |
| BE | 23.55.97.181:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | pixxur.com | udp |
| US | 8.8.8.8:53 | pixxur.com | udp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| DE | 142.132.202.70:443 | pixxur.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.118.46.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.202.132.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nethcdn.com | udp |
| US | 8.8.8.8:53 | nethcdn.com | udp |
| US | 172.67.193.18:443 | nethcdn.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | korfo.org | udp |
| US | 8.8.8.8:53 | korfo.org | udp |
| DE | 142.132.202.70:443 | korfo.org | tcp |
| US | 8.8.8.8:53 | www.hotels.com | udp |
| US | 8.8.8.8:53 | www.hotels.com | udp |
| BE | 23.55.98.239:443 | www.hotels.com | tcp |
| US | 8.8.8.8:53 | telem-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | telem-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| GB | 13.87.96.169:443 | telem-edge.smartscreen.microsoft.com | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| GB | 216.58.213.14:139 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | uk.hotels.com | udp |
| US | 8.8.8.8:53 | uk.hotels.com | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.193.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.98.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | qltuh.bellatrixmeissa.com | udp |
| US | 8.8.8.8:53 | qltuh.bellatrixmeissa.com | udp |
| US | 172.67.218.75:443 | qltuh.bellatrixmeissa.com | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.218.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| DE | 142.132.202.70:80 | korfo.org | tcp |
| DE | 142.132.202.70:80 | korfo.org | tcp |
| DE | 142.132.202.70:80 | korfo.org | tcp |
| US | 8.8.8.8:53 | widgets.hubtraffic.com | udp |
| US | 8.8.8.8:53 | widgets.hubtraffic.com | udp |
| US | 8.8.8.8:53 | cdn.popcash.net | udp |
| US | 8.8.8.8:53 | cdn.popcash.net | udp |
| US | 8.8.8.8:53 | syndication.exoclick.com | udp |
| US | 8.8.8.8:53 | syndication.exoclick.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| GB | 64.210.156.16:80 | widgets.hubtraffic.com | tcp |
| NL | 95.211.229.245:80 | syndication.exoclick.com | tcp |
| GB | 143.244.38.136:80 | cdn.popcash.net | tcp |
| DE | 142.132.202.70:443 | korfo.org | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| DE | 142.132.202.70:443 | korfo.org | tcp |
| DE | 142.132.202.70:443 | korfo.org | tcp |
| US | 8.8.8.8:53 | widgets.hubtraffic.com | udp |
| US | 8.8.8.8:53 | widgets.hubtraffic.com | udp |
| GB | 64.210.156.19:443 | widgets.hubtraffic.com | tcp |
| US | 8.8.8.8:53 | syndication.exoclick.com | udp |
| US | 8.8.8.8:53 | syndication.exoclick.com | udp |
| US | 8.8.8.8:53 | syndication.exoclick.com | udp |
| US | 8.8.8.8:53 | dcba.popcash.net | udp |
| US | 8.8.8.8:53 | dcba.popcash.net | udp |
| NL | 95.211.229.247:80 | syndication.exoclick.com | tcp |
| NL | 95.211.229.247:80 | syndication.exoclick.com | tcp |
| US | 35.172.44.169:443 | dcba.popcash.net | tcp |
| US | 8.8.8.8:53 | s3t3d2y8.afcdn.net | udp |
| US | 8.8.8.8:53 | s3t3d2y8.afcdn.net | udp |
| GB | 195.181.164.14:80 | s3t3d2y8.afcdn.net | tcp |
| US | 8.8.8.8:53 | 16.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.229.211.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.229.211.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.44.172.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.164.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.videoporno-gratis.net | udp |
| US | 8.8.8.8:53 | www.videoporno-gratis.net | udp |
| NL | 64.46.118.23:443 | www.videoporno-gratis.net | tcp |
| NL | 23.62.61.194:443 | www.bing.com | udp |
| NL | 64.46.118.23:80 | www.videoporno-gratis.net | tcp |
| NL | 64.46.118.23:443 | www.videoporno-gratis.net | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.107.17.2.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |