Analysis Overview
SHA256
89a56b08fb4492af575d6f0f0478c992f1547f0d080b4f439f94228dc8baaa51
Threat Level: No (potentially) malicious behavior was detected
The file a47d8ecca5794dba96cf29eb0b05737b_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 07:47
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 07:47
Reported
2024-06-13 07:49
Platform
win7-20240221-en
Max time kernel
127s
Max time network
140s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
|---|---|---|---|
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9881" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007be0fceb16a32047b242023e8650ac7d00000000020000000000106600000001000020000000cc9c184d7b3ab6a1d37783b1a6dc866b5b9a7416fc36959faeee86b53fb18f62000000000e8000000002000020000000eac247a28fe4dc2aa9996d13063138fad619acdf7377293529ab0561ade22efc20000000952514913e2155833300eb9d04e6f33a083e78274d6bd7d70225b62a5a4ef0ef40000000306c7dfa60f6bdd461ab0b1d8a424aeee310f0d76ee57e604b866e8e4b38d003f582046ba69aac154ccd3d36f79f7eb6d2c2fe2d67f2618305827703774cbd04 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "12849" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "7284" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9453" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "7284" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "16246" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9881" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "19419" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 30486d0666bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "19419" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9947" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "7202" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "12849" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9947" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9947" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9963" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9453" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9963" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9453" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "7202" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "3806" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
|---|---|---|---|
| PID 1756 wrote to memory of 2640 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1756 wrote to memory of 2640 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1756 wrote to memory of 2640 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1756 wrote to memory of 2640 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a47d8ecca5794dba96cf29eb0b05737b_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 142.250.200.14:80 | www.youtube.com | tcp |
| GB | 142.250.200.14:80 | www.youtube.com | tcp |
| GB | 142.250.200.14:80 | www.youtube.com | tcp |
| GB | 142.250.200.14:80 | www.youtube.com | tcp |
| GB | 142.250.200.14:80 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.212.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.212.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.212.234:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.212.214:443 | i.ytimg.com | tcp |
| GB | 216.58.212.214:443 | i.ytimg.com | tcp |
| GB | 216.58.212.234:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
Files
| MD5 | c7d64339ff822289216326a9c79835e1 |
| SHA1 | 104d077786dff0b6e6d58b4dbf0cd25f0fd008c0 |
| SHA256 | df408e7c4dbb75cab3eeba9ca5ef5a5e3970f840a1c13f1a887297487978ede2 |
| SHA512 | 782fa440b5c1c4f6eea4d4787351490fb5a640a511b9ed2cc9f733587525a6dbd50ff3b31c9f9a28ef18246d07ee7b1bef6a4461b1ab74daa25cbcd2096f81a9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | 8da5fdc2111dda82d84fc5a49700ac77 |
| SHA1 | 6b8480f6f10defdd6c95b573e3887cf44e614dd0 |
| SHA256 | e0f4a6bcc4db9065c86d96d35bb5b0b0b79a0be7bc498f837d850078975df9f7 |
| SHA512 | 314397c15c2ed1d7f13f21e092f82e1e998f85c0468990493a4139e54013ce6614053aa8385fcd2ea36811957f46465939b496cb4e8bf0529de1830a1e277980 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | 9de3af827c2657e34fc28b6e9dfd5bee |
| SHA1 | 95fad1d2009d74af6acd1b59de77589d8e421e8c |
| SHA256 | fe36ba8d2fce98fa5cff6d3c200b2365f4488ce0867dd4ade4c0bd8b454c7a44 |
| SHA512 | df09e3e915efd18e9b90353c0ecf90ae9e8e6451fdd528a9380af9940bacf3ba7634e015bbe66895e4baaa72adc3f8db4edaed90f87a7c8299f3e308216b795f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | 56f422bdef9c9f037fdfbe09a724dd0c |
| SHA1 | 1de54f450098391bf1d8890b1823738b65e3cd9b |
| SHA256 | 49a873dc5144443b93248f07d89b4b7bd359670b6d587d603945f855294e49a3 |
| SHA512 | 2955c1d29252a012050f2bc6e3984bcda28947490ba7b6a1ec7edf8fdf7d8b15c9d77a6f80a4abf0ac68a9c5239fea271e930d58cb8473d41a7cfd7ab930ccc5 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | c5fce99990c529e450ac0864dfcf8b64 |
| SHA1 | d5078f86ec4dea7b0272255b8aa7b409c0c67986 |
| SHA256 | e3c67d78e121f7f4f6999f38e7cc73ed6df7186f1dab53d79d3a67ccc823c9c8 |
| SHA512 | 395e95cb95a65b0880b352676e148531595421c83c30d440c6ab89f8b579f297d3e2927b4b0ac872842d0c9ac159e1c6603fb612c1f2591e7bf6011666df7f8e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | 9b90c27fe2b11550725392b51866e37a |
| SHA1 | ff7ac2d022257cb96187339d00606eaf4777adc5 |
| SHA256 | e4074bd901c0b706279d58137a25f968683b9119fe9e5c69be234b37ff1ac040 |
| SHA512 | 70675e702818d2c1bf2313ebf2c38c4b0a0ff618f05c67260be5dfcbeea8f973536b628ad3551faef3ea8b7d39516ccc111687beacc17770d22c4f2620c587f1 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | 4066b240ff4b50f0f8e8fe406c2cce8f |
| SHA1 | 8438101b4a723398957429ab15008102805cdd1d |
| SHA256 | 7c860bd1d5a3b4ead24d834e6d554e51740e107f15e9968e29965afefba64f40 |
| SHA512 | 0e3be3add59a64aa21e2a24c691ed1d40a2846e915a2706dc0c8aeb9255101f5c8ca2d253291d9fcc3836e335f05a55a93e02a5be119396657f00e30cc83e02d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | 7df9dee9f0e69293e46fa3cc6ad7483a |
| SHA1 | 0dde725b32905081dd8f07dfaf0992ef9c9fddd5 |
| SHA256 | 75e1f57fbcaa6ce4e6b553e793590e21c318f8c3260dc4c1c46b3bed3f52c7eb |
| SHA512 | bd14806007a0c9fbd1ecf8fb1bf7aa9eef4875e9ab38f1d1f9e6c517df6a2141036cd3b16f678e93f2e737a0e95659a975e57c4acf8293d0ae1b54935e19f1c0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 38cdda48b1742ada221e9b7977766e8b |
| SHA1 | b84caa53af3a1860a35640f523333a849b62c124 |
| SHA256 | ae151b440940d1cc066ff34d2ce03d196ea0321c323693f7bb9e8784f7de5b9d |
| SHA512 | 40a630994e30d5f4568c0c7024b7f85e55eb78b639428794ac4f202e84a9b10f48a27f9763d29ff37bbef7df20339dbac9d7139986cf0d342c98d70bb8fad384 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9659d46aac201f21f45f01e808992230 |
| SHA1 | a1ad6b9f7b305589108b986a47e28744b5bb475d |
| SHA256 | 095eb6b2ef7f206f125199130559d38539fb0456876f9f7c9905d39480ceb6da |
| SHA512 | a8427f7b42906f0b6e225aef50289e0cafd7da2802e1247df506c5290ae3d5edab9005cec6b264e6a9061cf63ce983c5af85175b82cf7039f50e89b7a3ffe176 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1687d9273f83cb7090475bcc1698eaf9 |
| SHA1 | 58dea55b807715361f3fb713f44dbbc870edeb71 |
| SHA256 | eb383d01d4e061e373f60da421ed5099e0689df2fd2463a2ebff2b8eb900c421 |
| SHA512 | 94b073a6394ed3765a40e3986c67355ac29c407d2d8cf3f9b302180a2958b252c37151ff3c9dca4c7c2a1993a2ca14eea2b8bb21de5b28514bdf841650f67336 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f5fc9cdcb5487da2640b4dba38af553a |
| SHA1 | b167ab5f6a09cd292473541e8b50344347c2e083 |
| SHA256 | 50a1d09aa4e7b3d0c7fde2d874fc3f18e946209fc209cced5271a36225c4775d |
| SHA512 | 1f6fbed3df5056d288583595beac86e8836264e6823ac9188dad12c858f0e87ab584441559035c6a9b791d23c494ff5c16f8bd589b468cf0d432b49d4e5e7ddb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1dfca6159c186d27fe2abac7d7497968 |
| SHA1 | 85a37ed7efbafbcf2e8d4e2bf9b36a0895bfdac9 |
| SHA256 | 879f4ea5c42432e25eb0d28b25f39c9e544969a4435d267c00cf8137aa10c282 |
| SHA512 | c3c8f8b44726be5db5540b941f9b5a3df08451b24832ff8ea6b2b7620bb7ff3b5e0b4de79d22b1cdd293e1dff80934c264fa51006724033f9b1238bb6673e400 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9cf2dab6f0f27980a40e9f3cd1b322c0 |
| SHA1 | 64987ab820198454f349db73621094508d7a2331 |
| SHA256 | 1c8e24fa884d8a7d08f7faf41ce92776dc9ff2f5a6a7b506618e1653549cd935 |
| SHA512 | 9216dea27b40dd7da287388e209f9d6635a1f256f71d389b16ff499417a42234bbd91f1af6cf32dc7aead922a57772d59a205cee7096d9cb62b51099d2aff400 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b19e597a9fe1e65723a1a3aa53e098a0 |
| SHA1 | 53c8b69cd70fe3174ecd8bc08201c17f7fc0c6c9 |
| SHA256 | 7a1baa4f7ba3e1e914e120376091b8b11745bca7995c8aed67cf9c98a6d70271 |
| SHA512 | 39fe611b3f9ddf74cf6540899df1b33437cbd0139152fb694c06e0f2696aa3a789a5ff41e91308ec0811ba1ed1d9715160e64c7c074ee22d05aca383db290a80 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2a47d6d4fd4e0423b55493252b840eb1 |
| SHA1 | 6fbc786f9f8849824923aabd63c2817f0e3e12b0 |
| SHA256 | c66f8724bba7c3a53b8389778857f10d25a76336772ec47757ed516ff50d8c26 |
| SHA512 | d268bc58b58446cc20c531b01adcdf0c438471bd49eaf378e7ad2a825735b3b328288c61c9c2938c86bd1748b05fb860fe0ec093810c6d05c0db5bc1ed3a769c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d9f923473aab93b942488c428ee0f764 |
| SHA1 | 76b0b57e89d727b2583af45f4deddb9c6f38649b |
| SHA256 | eaf035f152bf8d46c181137f4fd71318c7e999dbe4715bc16eeefae50937f901 |
| SHA512 | 38ff7aff887207c2d63b80727814b6b64519beb04d224b4f18a558f59d6a919b3844946d8e469be7e1d52ba7f8fea31d127e8510d96de080b581cd7f5fc6fead |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 231b8e9686612083e97584c54d9101cb |
| SHA1 | debd50a86cbd83af50f841cfee779f6f882fb5ef |
| SHA256 | f017f06ba78ca408578e994f803dab5c757f47a76a16095b0cecb37bf9f7a142 |
| SHA512 | ea5b4ba3b67f63fa850e0d3511a2cd9e2608c6890c3984d0fda9ac1e97ee00cdc4a5d687c7c9b2e44d7d6505d7421e65bc904626b6ad48f36fd887f9b7baa586 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | d565ddd3e27a01b0781d4f73ea81ccd0 |
| SHA1 | 8a4bd060a85cbc8c5ba184111711c413ed549233 |
| SHA256 | a1dc486d0c54dc77611cbf9aecefc1cebb66d9d0633b975f593985d27c5e4ab0 |
| SHA512 | 52ab7f90f47753bb59cb95f9e659ee08d643fcacb57d8b6052071fc5aff65692bd4652f4464a7fdb07ab12586dbc60c5feb639c14b4656a44961b63fd295ef71 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3PR34D8W\www.youtube[1].xml
| MD5 | 8b6076081a1ee020fbf7e18dfcbfceb1 |
| SHA1 | b6c3e990dbf4066b0e79d31daab4b9ac05c8b2ab |
| SHA256 | b0259f66b322277b1b9487a00411788926d463bf5d34e99e612d25d5f84933e1 |
| SHA512 | 68d36c31b92725db70d7777a78e9b9de7a62e88e9891eeb3e489b07d12922ca58591ed7c3a0d1a2f9009c0cfd94a5836c448841d019cecc846ee82675db6d913 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0a6af34763c79b5d0171c964240a1859 |
| SHA1 | e6d8a712234c6644e4153d03107a4d1a0c3ddc1e |
| SHA256 | 3a034c3ca1f122555ef284601e05161d57b2a816e3e1bf2f1dd823db450d1732 |
| SHA512 | b96b7f3f875336ff244e963ee46db150bd864de01eefeb67bea681c7dc8702aacb1d21e21f598bb3468cd5efc26af43dd8cc84db546c7a64ea71b4356740eb57 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e8a5b939933a78be28b349b576f2f06a |
| SHA1 | 73e3502db3de7de808f146f29be681f9f8ef14ce |
| SHA256 | a86ed2a73c188464aa80caee44055a81f7cc7926f4a6ea1c021e514a225eb9d1 |
| SHA512 | 1d09121a8c0edd8cc2b597c8fe221df29136b7c9d6fc0d7331d6d324aa76dde5ce978df127cbd9182908bb4445cf93abd6275272d8b0b9ed6a210b9815589663 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | e378bf4e8eeb8ef4f9fcc1a8f0159b0b |
| SHA1 | bdcc79fe05c042420f670b8c875f0b58a64c5bba |
| SHA256 | 85b3684f7ee04d829ac658082cd7cba311547356e902b25a526f4b56cfb17e8c |
| SHA512 | cd7367cd1b08433791666fb1bcc9a261d07c6d8440e85e200f1d4eaf42994748a5fe1109795ccf9f0c464aaf00324df7a0949d45ed6a07b1cf572e2eef2a6232 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f9ce787361e9d1adb2e0c1fe09da7a84 |
| SHA1 | e7517a01d3a54c3c32b6edaec0d4fd9bbb83f212 |
| SHA256 | b59fcbb4bb0f589109f0fc9de164a30afacca924c440325011196a8d40f88bf5 |
| SHA512 | c3c744c370058c33e254acdb4b72b9b32bdfc37faf5195d04525510a393cd291c567f78ea1544572393ee5bdc65f0e895a7a60582d18dfd3c07a1d101ef75556 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 06a4d43b836676a0c02298c24c59979a |
| SHA1 | 9480bf66364cf0e67c02b390fbe8a3a58375e05a |
| SHA256 | 1315720a4433ccbd49e7216e47be67892eeb6711aadc580a3a8e27feceb0376d |
| SHA512 | d83b4820f8461b346653d5dfbccc4608505fe81c6df56b911ced15853f29426fab00bdc2e4d4945c84cfa2c8e06bd35d0d15412ab312e61591bfa989319f611e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3bd307b9056d6bc5f5f669a6e44fcb12 |
| SHA1 | 910b482a951fba64bd2d491eee864e61cfcb4ea6 |
| SHA256 | 6f603cea0246190d6f92886e85b47db45680af43390084b26f9c4069d655576b |
| SHA512 | 486f635a869fe18833bcd93029a1f2a97a2ad216e5ebc7b28c6d2f052e9ee4236c3baa11169efb4c19b130aefef208833206a68533d389541ba0646d4de7629b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 256faf63ae37159a185291464eabae2c |
| SHA1 | 01612cf5c182aa078c8d9d41f17f438e68f85ea8 |
| SHA256 | 9ca5c5e0205b0cd9fa73df15208939827bdb80f5642812350e01f68f1011aff2 |
| SHA512 | 1f684f81776b28d0480df8eb32d5f2553526cdc96920fa4029becce10f8e779abe210494150302405654cde0281f472eb3a06a001be8319bd6ee2dbbb8900668 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 34675caa6ca37b64162e227f08c61192 |
| SHA1 | da2e3e2370873b4a9b57ce83d3fd26ef6b04cf63 |
| SHA256 | 374a4b0718d3e86b702fe0ae895121b82c025fd3279954f9d12e662e15dde500 |
| SHA512 | 96d5d8527f7818bdf490511d0d9792950ad133b9ed3d544311024fc41bd5196a2ad95ae9e5c1d73620b0c70f465ddd1954b16342824ab5ddf1261063fd41bda7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 627d228da7878016a2e638f8654dc887 |
| SHA1 | 8ca77a8277ced900e5a828868cf9e1f3a558e99a |
| SHA256 | bfbbf4798ce4941ff24fe7bf6b6a8ffc3e33528e99e5057e21698336306067d9 |
| SHA512 | a52ddfa144626fa514532ac5893b8bcba6e331698f7f8321978043c0f7744a459e5bd753e37b0e4f29fc4e1fa474288cdd4cf3df78b1b19b4c400d1105db3984 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | fc117008318f9bdbf3a6869b9603bb4d |
| SHA1 | 301b0db2e0e44b9482a24aff1e2f7a7f9bbb8be8 |
| SHA256 | 6c93f2ddd61bee69a1ddcdc4ed3d0dd33306e5abd8f6149fbd7679132425775b |
| SHA512 | cb8f430619a22e602025c8696da24599dcd8e6bb616eb4f4ce3f4bd2910fea36d824d380a3eac628e764417127cf609b52f8b049b33d1326d7c3618e511365b9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e7c1c4efde65c2bb4416d056f5ba1f8c |
| SHA1 | 10f5b50137591d10651aff4816615003a49bff81 |
| SHA256 | aa9ce032dadad43aa863ae7f00ecd8ed8d35966ec8bfb7103170692ec000add2 |
| SHA512 | 29a58a1fa4ca0c207dce967d886deaf039cd12b565a825ef3b837df86f7dca0d53f8827e1883ee5c4fedfbe6c76a63e85213474d74856adb2512dfe93a7109e0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bd47a4dda6c786c288c5e5574833b3d1 |
| SHA1 | abb1371fb9fce1305ab1a2717eaca4f29dc8fc48 |
| SHA256 | c5d7fc3fe60a752ed356f536ca1d48ef41892f4bf3c96292b669842f64afbe42 |
| SHA512 | 0d9ebd6a98fc9f3d52676cd62d7675cc0e4923934164eb9dee492ebda70bbe4ccd228f29e4a1919c0c65ce540c5354194b8238e1fe5d91a92cefd5c7ec3f3513 |
Analysis: behavioral2
Detonation Overview
| Field | Value |
| Submitted | 2024-06-13 07:47 |
| Reported | 2024-06-13 07:49 |
| Platform | win10v2004-20240611-en |
| Max time kernel | 145s |
| Max time network | 141s |
| Command Line | |
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a47d8ecca5794dba96cf29eb0b05737b_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc0d7546f8,0x7ffc0d754708,0x7ffc0d754718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,1869344954742632958,5395150361665697599,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1360 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b704c9ca0493bd4548ac9c69dc4a4f27 |
| SHA1 | a3e5e54e630dabe55ca18a798d9f5681e0620ba7 |
| SHA256 | 2ebd5229b9dc642afba36a27c7ac12d90196b1c50985c37e94f4c17474e15411 |
| SHA512 | 69c8116fb542b344a8c55e2658078bd3e0d3564b1e4c889b072dbc99d2b070dacbc4394dedbc22a4968a8cf9448e71f69ec71ded018c1bacc0e195b3b3072d32 |
\??\pipe\LOCAL\crashpad_4764_IAQUMFINAKRCBCBJ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State