Analysis Overview
SHA256
7e50ea26e080d3a155d697c8d77fac2ed592a279582f9b6c18b2adf5652a45bb
Threat Level: No (potentially) malicious behavior was detected
The file a48b1a179a3d4fe83cfa5ae753e6bf0c_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 08:04
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 08:04
Reported
2024-06-13 08:06
Platform
win7-20240221-en
Max time kernel
145s
Max time network
147s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424427711" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000009867333e3a4d5e4fb4a2e62516a2aa7200000000020000000000106600000001000020000000ed91fbdd2b6086dc7fd0e57022e61e2e3cbd78ca920153c580b8d603dcd3d5b3000000000e8000000002000020000000faa6d8feba1a33578d4ba89eaeaf490f18c9ed2739074173e274d87dd53e6f8f200000005d08b79b7c352701b551fcad35d28f51dd1ce6677b947ad4825c2d6c7ad7d63e40000000fd7aa4e2997623fd5375d35cc9ab25e32a496a61b97f4ebf4b4fa2e4d621e4d3381d2107f650562cf085d5204b6ff79b8a182a3b2d139d50b9ca1822779a1e28 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7FBC6AC1-295B-11EF-8442-DE62917EBCA6} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50db725568bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2088 wrote to memory of 2184 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2088 wrote to memory of 2184 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2088 wrote to memory of 2184 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2088 wrote to memory of 2184 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a48b1a179a3d4fe83cfa5ae753e6bf0c_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 08:04
Reported
2024-06-13 08:07
Platform
win10v2004-20240226-en
Max time kernel
141s
Max time network
154s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a48b1a179a3d4fe83cfa5ae753e6bf0c_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5248 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3908 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=2724 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5808 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=4500 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=2724 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5784 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:8
Network