Analysis Overview
SHA256
e97aabede02afbb1462597390649c1a8c90ccf92065bffb43f90c432508c8dea
Threat Level: No (potentially) malicious behavior was detected
The file a476403591abe3376f99d1b3c82d34dc_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 07:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 07:38
Reported
2024-06-13 07:41
Platform
win7-20240611-en
Max time kernel
135s
Max time network
135s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a807600000000020000000000106600000001000020000000b14fb563f70e977466bd17a9baad41089f3bac69e68193816c4c6b9dd62fb023000000000e8000000002000020000000c6f7ee66a53ded595d47c23735e61093a4dd8db71a1b984bfcae8b4528317017200000004364e20be34c75a93e041f68b3c953ddd18babc9cc21cbb0c0ec2a23a258b29840000000767cac0b1c56d050670969b49991abbf04698536b41c173f06fb95a9e2e83f4bb80158ec2e3294cde3a2c96ee825c4b82a20ff00e2f54f7892b6c8e1ac9b3d55 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424426180" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c009d9c764bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{EF3A2711-2957-11EF-B918-627D7EE66EFE} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "11778" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "11778" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "11778" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2188 wrote to memory of 1384 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2188 wrote to memory of 1384 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2188 wrote to memory of 1384 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2188 wrote to memory of 1384 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a476403591abe3376f99d1b3c82d34dc_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.riccione.tv | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| IT | 89.46.108.61:80 | www.riccione.tv | tcp |
| IT | 89.46.108.61:80 | www.riccione.tv | tcp |
| IT | 89.46.108.61:80 | www.riccione.tv | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| IT | 89.46.108.61:80 | www.riccione.tv | tcp |
| IT | 89.46.108.61:80 | www.riccione.tv | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| IT | 89.46.108.61:80 | www.riccione.tv | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.200.14:80 | www.youtube.com | tcp |
| GB | 142.250.200.14:80 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.234:443 | jnn-pa.googleapis.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 07:38
Reported
2024-06-13 07:41
Platform
win10v2004-20240508-en
Max time kernel
133s
Max time network
145s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a476403591abe3376f99d1b3c82d34dc_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=1620,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=1292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3968,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5272,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5436,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5452,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5916,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=6860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5912,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=7020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6828,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=5804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=7036,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=6200 /prefetch:8
Network
| Country | Destination | Domain | Proto |