Malware Analysis Report

2025-01-18 01:58

Sample ID 240613-jn8jnstfjm
Target a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118
SHA256 17432e577c519c93888301b6eb4270780d94ec7c3aa042c8a19ba295ae90b204
Tags
Score 1/10

Analysis Overview

Score 1/10

SHA256 17432e577c519c93888301b6eb4270780d94ec7c3aa042c8a19ba295ae90b204

Threat Level: No (potentially) malicious behavior was detected

The file a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-06-13 07:50

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-13 07:50

Reported 2024-06-13 07:52

Platform win7-20240221-en

Max time kernel 129s

Max time network 140s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1936 CREDAT:275457 /prefetch:2

Network


Files

SHA512 68369e216f61246a5f6076f509e4318a5ddbcd6ca3bb36ccd899ec7137665939e7c31fe81e63cd20dafa162416544406fae8e9b121f15e4dd46c61510f27e28a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2fca5a8661419eccd1b93cf2579f983f
SHA1 50fe889478bfc752988086067626980a83caac4c
SHA256 3966866d9ba0cf7bb1e89aaf783b4d1a4efb5b6c029c0991414d43eafb5a01f8
SHA512 f4c0406db415c9a53f76458f524defd568b1f70975febf2648c3194500c61bbbfce312f63357a6e902f764cfb35739fae608fe49dbc468d7991ad29924de912d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8128a94f9479b21652a54877d2947571
SHA1 2a8bc8b24acdab2d69a1e0dc4e4c092344fb1183
SHA256 4171d2b5ce42a49b32ced54e3b6ad782224c01e2ed06996458980afdb6495d31
SHA512 27852e5e1ec69019ccfc96353119ddb9361360650ee39140da164e20564e886e81cb7c2a1e3fbe524a2d6b343fcc588e24366cfc1057e9e3e9c0c2bc7ffdbd6d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e9b9c491a9658474f1d180ae9b663702
SHA1 792a7f834f8e17dece399922fb5ac8756507a457
SHA256 63eb4efc47be5ed893b5c1bd7f9fc5d66821a2207209dbd98ed5d2f4c458b43a
SHA512 618824b09680db1d937545dfd9048b6f5e9ad9a3cf2b2f39071de8474d6fbad52be87e7dee87ebc380188f4fe41971a210fdd9f8adabc8f1afa86e2a965175d6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 78cbf17a1ad00b5bdf6d6ebc725405ca
SHA1 269072c167ddc55e0439406d1a3cc8aa3ca9ea6f
SHA256 16cbb59d1713d4ce7945b6000c9f89d393f710013806f431e9393ced08a96cac
SHA512 302c9acf73a08e0d87d79f1bfe3a462f056847605a5f0fd6867b3eb7a3a11049acbc26e7d189a7e090a90bc4c576ffa0ab7791a2b0f503e5e63bfc93f80cd365

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3767d393d36e73be3b82a72f2f0a0945
SHA1 0bbae3a5d18cdd681eff86b55f4dbe8bda63e41c
SHA256 3471798be94b551451ee754e7ac884349f78b0b77e4fa440b045b3efaf609349
SHA512 c52c88aada1fce9ac631c528d377b0ad82bbf2b8025e76cff7769daf9cfe803e5542453f22a99920cdf78f5ce8e4d50fa2cdfe4d3cc5c21063e7171479fad1ab

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6b28ee3bd49bac35ff372a7ab9b43313
SHA1 fbbaee4db58e76bc208bdfa0b4f32a328780f07d
SHA256 2b2a0d223acb927ff18963c8242958312d9b121ed0e83b0846d4307a15ba7cab
SHA512 0948a9ae3fbc5b26ffc1e530c4980c6a5129ec4dd1dfd72744db7a836360bfa1049c5d3108aba1145b00fcbb74d525aed18ffaf7ce53161c7f827e8b65416525

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 706bf5b13e2b83adb7260eb05ddb1a1a
SHA1 ed5948b63f11b22169d123179871da58eb91155e
SHA256 206a9de616d93c4496393c0d3d89e99d2bfbc9c6eebffab2abd8b8448a4fc792
SHA512 67ecd08445a78980bf6149bea0550eb27195bbad01bab8be578d236250b3c76018814006ab14590a6ffd81412553c14d13f728f63fc387f240cee133d453b507

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\rpc_shindig_random[1].js

MD5 6a90a8e611705b6e5953757cc549ce8c
SHA1 3e7416db7afe4cfdf3980daba308df560b4bede6
SHA256 51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679
SHA512 583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\3604799710-postmessagerelay[1].js

MD5 40aaadf2a7451d276b940cddefb2d0ed
SHA1 b2fc8129a4f5e5a0c8cb631218f40a4230444d9e
SHA256 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2
SHA512 6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 07:50

Reported

2024-06-13 07:52

Platform

win10v2004-20240226-en

Max time kernel

146s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a47fc65b0fe6f50bd0757c58dfd6feee_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3716 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4820 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=560 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=4748 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5772 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5732 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6024 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6168 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6304 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6952 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=7084 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=7252 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=7776 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto

Files

N/A