Analysis Overview
SHA256
3e801cc9e6ac763307c3903cb940d4103390459ac9c86541a5d223e7142bf53a
Threat Level: No (potentially) malicious behavior was detected
No (potentially) malicious behavior was detected for the file a437c79e078b86947fd123820edcd6ac_JaffaCakes118.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 06:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 06:31
Reported
2024-06-13 06:34
Platform
win7-20240220-en
Max time kernel
137s
Max time network
138s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b9057aaae4c56043bc47d9221efef639000000000200000000001066000000010000200000004970abac45f2d4f05b288f5b4874fd07132b8911f4a0e6b5b2514571dd8e4b88000000000e80000000020000200000009e7580410c744e1c8794bc5ac2501da798525e4be323f4204e05215f82f4af35200000005e28afb1ba19670a4ffac605898a3bc0bc7029fee719ad07a56aaca804b65abc40000000e7f615a510690dd15d830b9ab3f4daa91d69ae8050ecf673d3e633d486bedefcc4d765422fbf2df751221647a96a25759f4fab4947ac9353da788eae914995ae | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424422176" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9CA9F291-294E-11EF-B54F-5EB6CE0B107A} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000b9057aaae4c56043bc47d9221efef63900000000020000000000106600000001000020000000a5bbea514def111663ced56d355c01fa4503eb8a1a165a58494e7bee84d5e8bb000000000e800000000200002000000004e94f307118056fef5a0e3d38f96824f57fc8415642e1dbfdbea454cbee9ad090000000a7e366fff8e53b6fe3a6405c11c8be4bf058fb3b2700a29e20c54e150ee1138dfb9ba3279e92edd55ee7dff53172ed8aa0bf685ed46be5fb76d641bd18f31ead83fcb0739f04297bdb9449f18bf3b950bf2125a2337fc8ee161bfa8637547f13fc3cf43d7e0f247da8adfc129d93327e4e94c485ef292657b5d9bcd93644e91c37ddc1c5fd96925fe13f11084e6b4e3540000000106446cd4c20d255695e6126ff400d1ae65d2defa7a7cc15dbec4e566086b8833304da340a5112b28c010071bd36b28ae42e36a35464ff3e664a5eabafe6ed07 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90f3b7b05bbdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3056 wrote to memory of 2924 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a437c79e078b86947fd123820edcd6ac_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 06:31
Reported
2024-06-13 06:34
Platform
win10v2004-20240508-en
Max time kernel
147s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a437c79e078b86947fd123820edcd6ac_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4840,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=3588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4876,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=4904,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5352,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=5304 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5376,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5864,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=6588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5956,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=5780 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3920,i,13640054265074968359,8146127767143474550,262144 --variations-seed-version --mojo-platform-channel-handle=5852 /prefetch:8
Network