Analysis Overview
SHA256
cce976ef9fb5ce05649777ac5d1ad21b9ddc8ce5a4e57d0ae00902156031620d
Threat Level: No (potentially) malicious behavior was detected
The file a47d6bf019003b4b01df6f9406deb0ee_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 07:46
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 07:46
Reported
2024-06-13 07:49
Platform
win10v2004-20240508-en
Max time kernel
145s
Max time network
127s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a47d6bf019003b4b01df6f9406deb0ee_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff091646f8,0x7fff09164708,0x7fff09164718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1488 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,5596763178839036717,5218213149650206374,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5780 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| US | 52.111.229.43:443 | | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_2696_JEDCKUMAUSRVBJBU
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 07:46
Reported
2024-06-13 07:49
Platform
win7-20240221-en
Max time kernel
133s
Max time network
128s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "16803" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8588" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8384" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8296" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "18924" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "16797" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9880" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "16797" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002839321140e4944ab02e697eb3b9087f00000000020000000000106600000001000020000000eb5241be674d43c73d9ffe3fd6cd521a8191fb0bf516731413145df2708806bd000000000e8000000002000020000000f173b8e14e09adab298bccedd3fd70ffefa3e10948850fc6d6019c0c34dda0de20000000c612c60f62f47276a18e406a54158faba3ac37ab22586d255edb7ce42fb44b69400000006f7d46f12306b9e97e2662de17252afb9e65ff4f689fdb50406280a9e996423287fbeee38c9a0f08c222d5481020305c2f5a213678d13216f01df1a74674db10 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8588" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8588" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424426669" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8296" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9962" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8296" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{129E9691-2959-11EF-92E0-EA483E0BCDAF} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10050" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8384" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8384" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "16797" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18924" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "17007" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9880" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8378" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "16803" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10050" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1740 wrote to memory of 2916 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a47d6bf019003b4b01df6f9406deb0ee_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
Network
Files