Analysis Overview
SHA256
2946c4e517a2dd7709790fac4426cc54cdaa0bc8eed8fa5a0804725869fbdec5
Threat Level: No (potentially) malicious behavior was detected
The file a39a7344c77bf99eff96f1b0900b5f38_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 02:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 02:57
Reported
2024-06-13 03:00
Platform
win7-20240611-en
Max time kernel
133s
Max time network
128s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb81000000000200000000001066000000010000200000000edd8f6a8f6d62e76b82dc016d9810192fefdccb0a68023c2515200e884d503d000000000e8000000002000020000000a13e5cba2abc8ada9cccc35780952b6ed1f221703a672f78e2e3b4cb4a13485090000000e5dfad7203bff2aaafe584bd00c34175e93e67ed6defd8dc2d43ba24d863fb34b3cd0dba06f6767bec1d79b9afbf9f94e74747ba2845357ee7e5d48d6cca72937db2b21fbf89c91c54336d211b3334d5123813b439f9c806664d357bcc3378b9dbb860c61cd88959c31719dceac549072be9ba8f701cdc55da0b12c248bbd4c0a2ac558436212580a21f267940e3d21a40000000464fbb2736031dad30c12777f0835db3d1877527c49dc8647a814b30980724908e4cc26d1fa172543a242066522fde4b23e515b469dd5e3435fdd04b343212a9 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424409327" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000000b2968c6cf60b74b94229c882944fb810000000002000000000010660000000100002000000023a9feb02488849c61fa3ef58b2480a008bb5da309e6b4df1ea683263400a6da000000000e800000000200002000000021284857b76647a7d0ffc0068c7a8d94be421732f55a1e8e6cd387b6e6c1616920000000d60bfc3811f975d7b351f510ab9edc1e0a3c2230a863f3726da30de06246c9fe4000000053084c52ada7e59abbccd7f7d32fc7a9d17490cd726b11d7b97483514b101fe4fa887f5ebe0f39e89a8d5a8436c93d20b73229afa54b25ae1f401f485ef71db6 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 505d85873dbdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B2040E51-2930-11EF-BA09-6ACBDECABE1A} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2812790648-3157963462-487717889-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2140 wrote to memory of 2236 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2140 wrote to memory of 2236 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2140 wrote to memory of 2236 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2140 wrote to memory of 2236 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39a7344c77bf99eff96f1b0900b5f38_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | tcp |
| GB | 172.217.16.238:443 | apis.google.com | tcp |
| GB | 172.217.16.238:443 | apis.google.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 142.250.178.9:443 | resources.blogblog.com | tcp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | tcp |
| NL | 142.250.102.82:443 | nguyenhuytap.googlecode.com | tcp |
| NL | 142.250.102.82:443 | nguyenhuytap.googlecode.com | tcp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh4.googleusercontent.com | tcp |
| GB | 172.217.16.225:443 | lh4.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | feb2599126cd6edadb82d069957117c9 |
| SHA1 | 699fa585f68d4ba1d82036d225e10c2150584973 |
| SHA256 | e5b71eb9ac581fe931ef37ecc27fa17d7e40954b8842b2930ea9861de6994c47 |
| SHA512 | 26e18e33b5b81c18859cf462ac863f2e00e4822f762e2f33059836bde5f9a912c5512d352428e0e6684eee9b87e39a11d516fd5ebfd7106ec64eae90fa3b7913 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | d3049f1a4b143f13261e38abab901109 |
| SHA1 | 1810917619ef7b98f40697c12f35a75575665f8f |
| SHA256 | 69df6863aa24aedecf107a7e2e0353d592c52a5905cc2833d824c2298733e9d6 |
| SHA512 | 6af844057e960d6f4165f297891b676492281fc4abdd7346a220b1972124fabe2a9e0f7b3825c9f67c1ed885262cf6fb994c4dcd607c1981005291a240b6e958 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 53f940910828fca6c9a139b2f73d6dd3 |
| SHA1 | 9495bde8609580a87d5d6ae6b0287cc4509a367f |
| SHA256 | 5c94630f94cfa778b0684a8afe3cc01b1d5c569b6042339f4fee5e713674145f |
| SHA512 | 89e3b8d3545382e81cef4a238c806c62d8f460c7514eb9e8ec6fffb027e2f6e670c3c655cd4fcb005abd44a8792ca21050ef5b3475587b8248109c105adb93b5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | c78149dce50614fcb87f9d64ac57bb4e |
| SHA1 | a1164891e958ffa06f50262299ddae615b6059b5 |
| SHA256 | 7676d44a0aa67a9e345a42bb591643586a257c2dafc660f397ab7269467b3741 |
| SHA512 | ac86723995fcae86372c61d56b6b9b8f597e1ef282643e5592569e27ace07dea90a297add0ecd6d6c037f299d32566c67995582e7489e6c63c2cda4482e8d28c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | 76acdf81f142afb0a765b58f5c8ceaf9 |
| SHA1 | 47d9ed6d7498f83d7947db6d1aabf64d86a607c0 |
| SHA256 | 9d921c1a2117447a756fb8464b54571f8bbfb81cb1ec212f5a013fd85c8a3db4 |
| SHA512 | 19ad72b8244110fb5097d9192448b27124d3bc38d78cdefee9729694d8482ec01d7cb757bcfdfec875da36b1bbf6322b0e8f710033f12bfd5452e15d84246303 |
C:\Users\Admin\AppData\Local\Temp\Cab119D.tmp
| MD5 | 2d3dcf90f6c99f47e7593ea250c9e749 |
| SHA1 | 51be82be4a272669983313565b4940d4b1385237 |
| SHA256 | 8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4 |
| SHA512 | 9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DACC52A1882A05AED14688828CFAE295
| MD5 | a4c3e4b3f212ccf9719236eaa8f728be |
| SHA1 | e017a18974a9969ca60ca2499ac54b464d91a2ef |
| SHA256 | 0641546fbe6a6bf201d918796cf5efa992632208053037f369a6173cc2afd39a |
| SHA512 | c4c229eec604f4022ab0d439eb8b95bbdbb554d809d4571745957f0da5dc740e4ecb13757273b9dcf9f431a5b1ca40d53a539e2ccfaadbf7c161dba6b8b2734f |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R54TGSS0\plusone[1].js
| MD5 | 53e032294d7b74dc7c3e47b03a045d1a |
| SHA1 | f462da8a8f40b78d570a665668ba8d1a834960c2 |
| SHA256 | 8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2 |
| SHA512 | fe263fe86aea2ba1b86d86305650cdeee45cd1f7b4339f9d4fb81db776b78abedccd0ae77262f45d579751daa26f81385354b3d126fdb5577036e9dd1db33276 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1M46YZP1\cb=gapi[3].js
| MD5 | f9255a0dec7524a9a3e867a9f878a68b |
| SHA1 | 813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b |
| SHA256 | d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d |
| SHA512 | d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 88480432aa9a48c6e2775dffa8ab8ecd |
| SHA1 | 52e245dd730f6b7214e0d445f8235d18779a1d64 |
| SHA256 | 1a8de7f96bc1a73eb1d1c2b00ee197f28d723dcac43ca272f179f909dcc412a2 |
| SHA512 | ff2c87ded361991f14aee7b6d0336bd5cd91a80049114bc0b7123dabbe00ced3c6536df3cb3923d1055ca702075ca45b047596eb9fbd80ae0535bd75dd1698c8 |
C:\Users\Admin\AppData\Local\Temp\Tar2BB8.tmp
| MD5 | 7186ad693b8ad9444401bd9bcd2217c2 |
| SHA1 | 5c28ca10a650f6026b0df4737078fa4197f3bac1 |
| SHA256 | 9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed |
| SHA512 | 135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 771e498f3ebda563698f216cbed18169 |
| SHA1 | 545ac32336e38929c276e600d41b0a1d34c4822c |
| SHA256 | c54ca45a37411f716bd691f6b8c81649037ed8fee7cadd2a4bf7f11d2ac43294 |
| SHA512 | 2bda54f549c339cd91a8c3a4d278f043f0d7d18327fb537a02f1928e54582a2b91e4cb492a7a0e7aed6b3bac9bdc1e966fc6220b07e4119ff1a4eeb22d2bf2c3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9ffa5a13553445ca21e11dae5279ad44 |
| SHA1 | 34e3849137d6d77db006bd32d1c3e765474db6c9 |
| SHA256 | 4b8724afa9cbe0878625238214d3815718116555d69843fd56b7017eb60cf9dd |
| SHA512 | ff157118577b80594c57df5386dbab815be9d52d2696a21bd278d5696f9ba5db15574695ea28e9c2874f32b90b3837909a74827491e03e6452a9a15394609a20 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5b9d61481743b41f83104aff235c34a8 |
| SHA1 | 2628c2e3f005541806f191b7f2a7fd17fa72a266 |
| SHA256 | da8c0c2f0182a93f446664ba4c60f8e257189b97d450fee5cc791a26a82bebc8 |
| SHA512 | 70b5b04cb995e33f2875b9465536487a12b95f1172edca6046b72ec469a1dceec4fc0825c61419c8a70ad130ea2a80518df5f3e2db8bbfab9ee8bbd1ea28e1ff |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6d53ffb3468725e4f93c87aba83c955f |
| SHA1 | 7550afe421fe03a8d01597c695b90c503387bdf7 |
| SHA256 | ecf7929a81b6e13ef211504aae50a587d12d3f278e1fbdffe4da9c7fa145414d |
| SHA512 | e1813ba07e1a19349b7f5714f4509d786143286bcc0d3665e86ec9d30077d37ec3b3895003641a895c1f6279ef3a4ac586de9e2c75108f6640e824162ae6db03 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e6a6af250702508fb04a71a77e359f2d |
| SHA1 | 6e495f9a9a7dbb454b4c805b7fec13e860b2efd6 |
| SHA256 | 3cb274eaf808581cda0411da496dba16a2564ab35ac591eefc0d1e0aacd6d2e0 |
| SHA512 | 85ede979f744d74fdf30bf867530dbcba9b9662895315a8912920c465476853ec757f7ea306055f57db36c0c863e865faeebbd1b733f8e2015c681a1e686cfac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 35d3a66720faf29103a6634e5260437d |
| SHA1 | f50a083fff1431ade14989c6bebc0c4bd4f223f4 |
| SHA256 | dbd28f6120672da4ed9cc6d31203c5760b218e8c0464af755078f96b1963bcaa |
| SHA512 | ac710a305756f9f6e0dabc6c3c9c42ee77844c79fa61d7f65926bdc376c894908f4025e9a7e4795759eadae9344234b1fca97774b9e6716a7cf0633ab083f2b4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ae736af828f0d5e71f140b7a0b68aee9 |
| SHA1 | 4149e9a567924ea32c4e0826a4926d262daf6e2e |
| SHA256 | 537d63771090069a23cdf5792aad630c67851b9912f31d40e605b275123ac51a |
| SHA512 | f108c19ab4fcf3f36b49071e4af2a5866bb3b66c7c43bce2b5b21b4b09ef196e16cb2fea5069d03c36c67e81f9bda7b58a1382fded77e8aaa066e577b9a3b102 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 72ccb4bc056269dcee7976108e7d79f1 |
| SHA1 | 053b0c7c733f7a9c1bae6d7dd03c1d176b5a3d78 |
| SHA256 | 5cd76c47413437cdb75c5f2e621e22f20565df14e84c397b1ce4b2834170fc74 |
| SHA512 | 4e7c0332d3bfffa50bb979962d3a30de1f504a926037ca3792bc8a70ab8bf34fece5baadb14a7a93d10fc522058c79abbb6990b4ba66c3534359b2c30b68592c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | eebd2403d3b39587b28786e318a9da42 |
| SHA1 | 0ab1b7a39dda73e96a43cdb2852a075157f701db |
| SHA256 | 4c5591ce3709c0bc4a594695e47045a4f1aee25183beeb8f387d8e630516204b |
| SHA512 | 92393a7ec935b81bdeebdadde875b3d403689ff3e5c9f0299ea69005a3a9c13eec5cb7762390f88f08aa288c70b48cf22ca7f9e2090c64b5865a613a66478030 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f6162f52c8b2d3728da135c3c5f3ad67 |
| SHA1 | 4b8c182137c836bb163f3a9d4bda411375d6992a |
| SHA256 | d0ea1bbf1445fb68b147883a325b2564676f89bb7385cd083590f328726e442e |
| SHA512 | adcbe7a021aa0be81a422544ca18bc33d2cc804b988d075ae161b49c5b3a56a3f07352dc53ddc15a33946764158d4d21e54e90b7b9fbb8a4e7fa82dbf85d5d3a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 01d75e68aef1e946a18484990e0a840e |
| SHA1 | 075a2a836a74726574dea1eb4c3b1467526d9af0 |
| SHA256 | b6ec3d7d516e9e84baab4a767de0547824867f553c8696424a5f42c5a6bb8071 |
| SHA512 | a675e35a5539ca944fe34ef4ccfcf370b6adce342ce2226bff8da6060a5d1ad18ff0f87b2150fe5e73ecf5eb2cb948541bbd953bcf334b0c1562cd16402db7cd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d56fdef96a46c957b81ffa6f131605af |
| SHA1 | 8fb7592222486cdad23de439b40a5fa9dbc1a677 |
| SHA256 | 7e56839bb1fd1f16bc8b3ad41fce866ce12e7c8ed4e90cad599c68920fe47dd6 |
| SHA512 | 1a670b97375d1bd21b9dac65c803a4033ad03cc79e424b4149da300f85753f29f36cc183672eeba18136fcbfb023b5859e0b741000da0f8916e385c4f9cd43b7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 43680ac15900daddc2075c3ef1cd48f2 |
| SHA1 | 4ff0fb64e719dad7246836a9847bee39951842c9 |
| SHA256 | b0b6575bea3a7699b4db8f7a9fa6bc19c91e4017469a6186ba3f865dafcaa0c7 |
| SHA512 | c1c87439733e041ec88c0b08eb0838bdef09add48f21fe771c197e93cec8a7c80e7ca04061a220fd66590b391394ce97885e4195a3529d337d80371f8bad67ab |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f50220e1abe3d297119027b186434eed |
| SHA1 | f877308f3f7096c9a8fe326cc02fe3ab1a7a4f75 |
| SHA256 | 07e2a642edb926ccce5891dd12de118bedfe2a85e776554d3b54fb7f163b0242 |
| SHA512 | 83972e0689edf757b13596dc6b223d54315f10fcb6ab23a957e5a22a78a07f316f082c157d6a8a014255b5118b374f3182a6885998d09b5b03eaf27a4a25d967 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0ca81a04699daae7a87e14777fd5be25 |
| SHA1 | 5d6e5fb95a018d89ad1087b07b2032b1b1d76de2 |
| SHA256 | 4707e4e7aaade5d97b5647a9bcfca03e3a7ae520e0d003a04acf68f707ad4c99 |
| SHA512 | 0e1dbc88b63a6f48fdc89205effd282143c3796b5353260668710a118683ae70aef6644aa7e8c173405effc3e3aea9f774e721c2f4054eb62d11be47f9e4c265 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 67d0e84c80012a8962e8c266c2fb5734 |
| SHA1 | 8e8d8941d7736c031dcd8d0fe753b1b0c1630e6c |
| SHA256 | aaf3fcc79ef218acc6d2763c0d1748c06ee167f7d44104c6aaeaa924a52a3bda |
| SHA512 | a25dcbf3184e75bfdc5593753c4dd9e8cb233663e057d54c05009c3959e25457900f469ca176ccb2ef4770b36ae0cb43aa6fd182433a02bb49710cb895eceee2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d6ebf4f20d8038da1cbc82aa93b5744b |
| SHA1 | 9088393bb145b34b41922285e63ed790b52dd986 |
| SHA256 | 938f2b5bab9ea5cf7a50803e1ddfa1dd8f910047ccb7f1b96699f5364f74a6a4 |
| SHA512 | a2c02d86119b3b2971e671cb76ccdf93794eead61cd7262cfd5cda5554a3e144612f00c99abfd36a3db95e0784927c7c2264dbbdd38500b31376c2e8a8789551 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4ac0fab47981d33929e87c3aae459f35 |
| SHA1 | 155e17d63d2d924a8c15737c24a9ecd87a9e2d85 |
| SHA256 | 04d71d1ad608464ddc1c444c9dac49e22911a55cafd4e592856b1e8d3b617023 |
| SHA512 | ca5b00d771927e080144af177401ffa665593f7a3f11cfca7f63802cf2c0b9c541cb07fd8b2e419d37466783f38504f8ff274d4468c1e8e4168823b2618760fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8c48bde8d3b7c6d92576d04ee8b90408 |
| SHA1 | 9c9616c7925b934a9121d2a3b9db295875186a15 |
| SHA256 | 9f841ef491e5431fbd116f80f2de8c7766e055ca5f7197eb4fcb43ccceea3f05 |
| SHA512 | 69355aca90cbe6cc77ca9cd406957a8d40fb9ace3b4c2a96f429400a5126b1b360ab7a17d525dcbed8b7246b65b7cc509856a200fe192cfaf3378be5b8de9208 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 02:57
Reported
2024-06-13 03:00
Platform
win10v2004-20240508-en
Max time kernel
133s
Max time network
143s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a39a7344c77bf99eff96f1b0900b5f38_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3944,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=4268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=1404,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=4592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=3808,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5320,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5460 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5452,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5284,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=6152,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=6184 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | nguyenhuytap.googlecode.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | appwebbrowser.blogspot.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |