Analysis Overview
SHA256: 17432e577c519c93888301b6eb4270780d94ec7c3aa042c8a19ba295ae90b204
Threat Level: No (potentially) malicious behavior was detected
The file a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-13 07:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-13 07:50
Reported: 2024-06-13 07:52
Platform: win7-20240221-en
Max time kernel: 129s
Max time network: 140s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a030a96266bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 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 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424426870" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{8A68F081-2959-11EF-B238-4AE872E97954} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000001076a31199e1c64e90f8c7cbe476f42e00000000020000000000106600000001000020000000667815201d17b18386f1df04218ea0e8bbb2c4d3577562bf1eb9f1bffd04c0ea000000000e8000000002000020000000d41ef8532d82dc42482e4ca6000046ed55f366530c16620c3219bd60ced0239120000000c6421fd1a9c356e0c336fcf1cdf9cd50a7fa7aa57c3e4fc4ba743cbdc419e39a40000000f1e9951c5caa3cef7b37648ccaf742a5abb93e145b0b9b5aff30ea2eb416b758a449075a622d1627f37acf5e444591651bd116623b97aff45a1b30088e2ad55c | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 1936 wrote to memory of 3024 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1936 CREDAT:275457 /prefetch:2
Network
Files
| SHA1 | 92c4f70e9308ba683eb45eb37eddf735443c0941 |
| SHA256 | 55fe0936f2232dacfb12dcf0953fb88cec13a88849c83c91221dd64733397ebd |
| SHA512 | 7a8408a377b49bf745b48ece2868e587fd60a8a4d774e090840d1614ed9925fe1de5bf55f52780c0bde70c033f900b6512198b4dd3d5bd254d722eebdfd5f604 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 030e382089b76fde835f02ddd1fae1c2 |
| SHA1 | 5113431997919080b3a83b50811c703906298664 |
| SHA256 | 8205264a6a1250747370d11d0ac60575e4c1927ffd5bb3d4d363e81108ce6081 |
| SHA512 | 304d327eb34d740ebfd71068d404ce6937bc24248fba20d66c13931c3ac0fe16e03569122da17ca3d8ffc2bb87121ceefbc9f2a00497aaeeba020e24399d7633 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 291680482b81405cda4ee0120abbaaca |
| SHA1 | f68952ef5ff302ed6dd7a5d6b7bc1d1a1b606676 |
| SHA256 | 8995be4df9081b23a02e2b1b0b4289d31992a1c49e179d604771a31c5ce1471c |
| SHA512 | f95d6badcaeb586ddf2f38c39d213f63b18a6e729d68a3b3b338fb3bb3177644570e16d40ed885e4f1e95d9d56098fc1ba614a387e258f9a1f8ee2cd55cc8b61 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f5d1bc30b1670e346751bd1300a8af55 |
| SHA1 | 0ce0524a93398c9dab29c2515f06a5b828d9990e |
| SHA256 | ec5fb9273de03b91bb3982f8000c84b745544cefe4116384d25904b0aa42d5ec |
| SHA512 | 25bbcfbc0c68a4a79aab1a734b3db58f47894d228141a9aa957e2530146930759ed39749618a4d284e53efbbe146ea9f35f720043ceb8579392e05afa22987b0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 691ee15ab90da6c9da6aeb2f78de9a08 |
| SHA1 | 201db8b3ce718df298dfc30d01f35a67db5dd1c7 |
| SHA256 | 2083db0e46005227801d49d55a2f8de9d7968142c223d3dafa03c931e1387520 |
| SHA512 | 7f7e0baf73fd200353d6f86a8c21abe5ee760a9849cc49bbd490cbae815777ec43df7e09cf5012614cf5adcf3e215bd97e25693b7ccf7fec293183e1ac19932c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | ddf3649b44843fb693389365217a741c |
| SHA1 | 080d95b9d4d4c9c51981e2cc230bccc3e759bb69 |
| SHA256 | ddcfb5eb3f99f35cb494e632570d5780a946da2b0c7158a0006b7366ef33e6a1 |
| SHA512 | 80b1ff1a44e6108ffb154e65557cf46ea80e63753a070503b30254ae62b5981f00ed21498c7ac8cab6984e035bf7f61e4c5d494192954b2bf4b817c0b14585a4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 11782dcf115e8336dff0d0ad6600b2ac |
| SHA1 | af35fa31684c15b5eb71919700aac2eb6dbf51fe |
| SHA256 | 78db32a77371a478fc49cb7c53dcf846c0e863b0a87fa75b650ceb72ebd727d4 |
| SHA512 | 91b016ddae33b6763a7f7bf15951376a029ed7312981ff8fdea71e6c654036bd19f018358dc37fc0443251a26ec8448f6ceb98c8e4059e1abb67765ff39543dd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c62381b20a0ccbbaa0e3ba2eaa6e82ad |
| SHA1 | b31037f4b64e0bcf00e3ec963e3d8beb5e4f6624 |
| SHA256 | 66f59acc606639b9bc93317224b4f3383f7bac1d2786ca77520a38c294c86097 |
| SHA512 | 68369e216f61246a5f6076f509e4318a5ddbcd6ca3bb36ccd899ec7137665939e7c31fe81e63cd20dafa162416544406fae8e9b121f15e4dd46c61510f27e28a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2fca5a8661419eccd1b93cf2579f983f |
| SHA1 | 50fe889478bfc752988086067626980a83caac4c |
| SHA256 | 3966866d9ba0cf7bb1e89aaf783b4d1a4efb5b6c029c0991414d43eafb5a01f8 |
| SHA512 | f4c0406db415c9a53f76458f524defd568b1f70975febf2648c3194500c61bbbfce312f63357a6e902f764cfb35739fae608fe49dbc468d7991ad29924de912d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8128a94f9479b21652a54877d2947571 |
| SHA1 | 2a8bc8b24acdab2d69a1e0dc4e4c092344fb1183 |
| SHA256 | 4171d2b5ce42a49b32ced54e3b6ad782224c01e2ed06996458980afdb6495d31 |
| SHA512 | 27852e5e1ec69019ccfc96353119ddb9361360650ee39140da164e20564e886e81cb7c2a1e3fbe524a2d6b343fcc588e24366cfc1057e9e3e9c0c2bc7ffdbd6d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e9b9c491a9658474f1d180ae9b663702 |
| SHA1 | 792a7f834f8e17dece399922fb5ac8756507a457 |
| SHA256 | 63eb4efc47be5ed893b5c1bd7f9fc5d66821a2207209dbd98ed5d2f4c458b43a |
| SHA512 | 618824b09680db1d937545dfd9048b6f5e9ad9a3cf2b2f39071de8474d6fbad52be87e7dee87ebc380188f4fe41971a210fdd9f8adabc8f1afa86e2a965175d6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 78cbf17a1ad00b5bdf6d6ebc725405ca |
| SHA1 | 269072c167ddc55e0439406d1a3cc8aa3ca9ea6f |
| SHA256 | 16cbb59d1713d4ce7945b6000c9f89d393f710013806f431e9393ced08a96cac |
| SHA512 | 302c9acf73a08e0d87d79f1bfe3a462f056847605a5f0fd6867b3eb7a3a11049acbc26e7d189a7e090a90bc4c576ffa0ab7791a2b0f503e5e63bfc93f80cd365 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3767d393d36e73be3b82a72f2f0a0945 |
| SHA1 | 0bbae3a5d18cdd681eff86b55f4dbe8bda63e41c |
| SHA256 | 3471798be94b551451ee754e7ac884349f78b0b77e4fa440b045b3efaf609349 |
| SHA512 | c52c88aada1fce9ac631c528d377b0ad82bbf2b8025e76cff7769daf9cfe803e5542453f22a99920cdf78f5ce8e4d50fa2cdfe4d3cc5c21063e7171479fad1ab |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6b28ee3bd49bac35ff372a7ab9b43313 |
| SHA1 | fbbaee4db58e76bc208bdfa0b4f32a328780f07d |
| SHA256 | 2b2a0d223acb927ff18963c8242958312d9b121ed0e83b0846d4307a15ba7cab |
| SHA512 | 0948a9ae3fbc5b26ffc1e530c4980c6a5129ec4dd1dfd72744db7a836360bfa1049c5d3108aba1145b00fcbb74d525aed18ffaf7ce53161c7f827e8b65416525 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 706bf5b13e2b83adb7260eb05ddb1a1a |
| SHA1 | ed5948b63f11b22169d123179871da58eb91155e |
| SHA256 | 206a9de616d93c4496393c0d3d89e99d2bfbc9c6eebffab2abd8b8448a4fc792 |
| SHA512 | 67ecd08445a78980bf6149bea0550eb27195bbad01bab8be578d236250b3c76018814006ab14590a6ffd81412553c14d13f728f63fc387f240cee133d453b507 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\rpc_shindig_random[1].js
| MD5 | 6a90a8e611705b6e5953757cc549ce8c |
| SHA1 | 3e7416db7afe4cfdf3980daba308df560b4bede6 |
| SHA256 | 51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679 |
| SHA512 | 583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\3604799710-postmessagerelay[1].js
| MD5 | 40aaadf2a7451d276b940cddefb2d0ed |
| SHA1 | b2fc8129a4f5e5a0c8cb631218f40a4230444d9e |
| SHA256 | 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2 |
| SHA512 | 6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 07:50
Reported
2024-06-13 07:52
Platform
win10v2004-20240226-en
Max time kernel
146s
Max time network
151s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3716 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4820 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=560 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=4748 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5772 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5732 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6024 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6168 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6304 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6952 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=7084 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=7252 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=7776 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8
Network