Malware Analysis Report

2025-01-18 01:35

Sample ID 240613-jz2v9svakm
Target a48dac87802f2e4d7aca5b830b042377_JaffaCakes118
SHA256 f1bec1535c5c03afe5d30d7b3ce4bd65aa54e478c22525b217fd193ab16c9fea
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

f1bec1535c5c03afe5d30d7b3ce4bd65aa54e478c22525b217fd193ab16c9fea

Threat Level: No (potentially) malicious behavior was detected

The file a48dac87802f2e4d7aca5b830b042377_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 08:07

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 08:07

Reported

2024-06-13 08:09

Platform

win7-20231129-en

Max time kernel

146s

Max time network

139s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a48dac87802f2e4d7aca5b830b042377_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "233" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006440b42a5bf99e4e84f0f94a099ba4260000000002000000000010660000000100002000000071c35c5b1c95e083f627997c2cc0ba49f43a68e9d980736b403afc7dca3ca925000000000e80000000020000200000007c6429bff70f4877320777a3a02470f4f22abd496dd6e215ff8935e495db2ead200000004ffaf03071ec36acc6f7111081e63f9e801fbad4b832f30301db4f3592642b0440000000ccaee4316df7af4166d2b6332e1e74a8d0e8d52a9ddce349606bbde5296728d0375dd41a2584f793640a699c7127a798e025e62d0d97951db3cb543dd29403e6 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006440b42a5bf99e4e84f0f94a099ba4260000000002000000000010660000000100002000000004141f2a23a40155b38a86110dd21e6c7b5fac316887766782b09d50803f9cbd000000000e800000000200002000000029a0b956ccf13277835c00a1d4797b5b3638d76642047bd1344060a3facca9549000000028e2619ffb8871ab4b8c2e1f57e7eb5b66f457280ffc1e275de971ebadb9e2994f9759734a3df708d12afb0ea1a0a3e04f22888b6c2f90f396beaa44e2566a80fc33083b948a03dfd0a06894b263328899b49fded06c132f5f859143b0210f456ba68f3c15e1ebfc2fcbd5c180913ab9ad5a04f6bacfd6871ce65f1a44d3e150ff8fc47d45f89dcd888c7d0ef0a3602240000000c0498d2e6a41c18259d659229fb87becfb02c05a55b01c783a655b5f1d181d57081561ec5f39bca9f4c217dc9b7d634823e388a97d2e88da6adc6e0bbcc95312 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "331" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424427901" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80c3720a69bdda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "331" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "233" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "233" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "325" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F0F71C81-295B-11EF-8857-46361BFF2467} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "325" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a48dac87802f2e4d7aca5b830b042377_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.dheya.org udp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 pki.goog udp
US 8.8.8.8:53 pki.goog udp
US 216.239.32.29:80 pki.goog tcp
US 216.239.32.29:80 pki.goog tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 api1.websuccess-data.com udp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
US 104.26.0.65:443 api1.websuccess-data.com tcp
US 104.26.0.65:443 api1.websuccess-data.com tcp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.153:80 apps.identrust.com tcp
NL 23.63.101.153:80 apps.identrust.com tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
GB 172.217.169.46:443 www.youtube.com tcp
US 162.214.80.88:80 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 x2.c.lencr.org udp
US 8.8.8.8:53 x2.c.lencr.org udp
BE 23.55.97.11:80 x2.c.lencr.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
BE 23.55.97.11:80 x2.c.lencr.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 216.58.213.6:443 static.doubleclick.net tcp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.169.10:443 jnn-pa.googleapis.com tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 216.58.212.246:443 i.ytimg.com tcp
GB 216.58.212.246:443 i.ytimg.com tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 fe0.google.com udp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
NL 23.62.61.160:80 www.bing.com tcp
NL 23.62.61.160:80 www.bing.com tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp

Files

C:\Users\Admin\AppData\Local\Temp\CabDC6.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar103B.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 85d551d9f954447d768664254fb01d80
SHA1 3f49d66c0b19089d8df3357afd468cf7cac9e868
SHA256 7a4dffff3a5086ac23bd3b88b5e923775d6d8b70cf195ec400c9d7ec1f541f25
SHA512 9d5a1c1992edca277c8b209827b1712117793caf9fb6f563a786222188ee87598175d7d4135844a0b513df412b3157e4fd68e674fa3ab5b33f2f76c2b077758f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 c8ad279b9765c08d0b30c090e61bba13
SHA1 ca0fc50e35adea37f94ca7b24f6003af89d3d3ce
SHA256 a8cb7dc16600d9fcda991fd6610f352c4761bed69c3706106ed2313aa0ac719b
SHA512 59aaf789d4da804e15c277d20a2eb42510d76b39b48819dee3653a32874d68955a27f91197fa5449962df55bce9b67ae6195de54104bd4e59216860ea2982d52

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a9ffdade9a29bc4027919ccde8b0646b
SHA1 417bf91c1aee6aab991fb6f261d26bc7ba81feb4
SHA256 6d898f5db6febb619300c469c3b251ce1b4c2e1a237d8dc9d15ae33084c9fb6f
SHA512 dca2798c56dea3f6cab6c435f582480bdbe56baa971129439525810062363a711df52cc2b7f3bb7ac45f4d9dae37c2209d53c626fc1180d71260383b3fe46eaf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5165d3901a258c299367049e6b00fb4a
SHA1 191afd1f523ca7ef8abd06777cefa0b4353f024a
SHA256 92c44d7349ba43868a51e86c2e7f54ee899588ce2f7ecba266e23fd72829de88
SHA512 0af52515d233250c03de12b89ffeef39ad275c8040e89c587ec34dff1613dc4deaff58abc657f556f43d11ddf9a2e4391756fdc00dcb79a5f8aefbf0c390bf69

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 494ed63042eba868182298485d270c9a
SHA1 617aa21230910e4351fe63e8bb338f485f6e3c82
SHA256 f7dd74cf6134609cd7d7b1f0b2bd2909fbb04d88dd85801c5fa98c14d8d74c47
SHA512 5f5c378fd3ee00b845a9c437a970b8198fe5b28057e41bc5f2c7fe22f6409620a85d61520a0d6f1a2191408fc7a42f25c9d32538c965efa865290d6db883849f

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\JPP8A3XG\www.youtube[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\JPP8A3XG\www.youtube[1].xml

MD5 da3b6454809e47b1bc1e9a0407ca3555
SHA1 f9f2089fc326f8b673037f316a02ae57584d5142
SHA256 1f72c806309431eed8174fef55a279100bea889c1fc0809a426c46a0036e6677
SHA512 034da36c745820c345bfd3f7e1d87243d840882e245be275fcd55c1555b5d5e63c77533b8faac14a7d2c944d0e99534fb0371abc32fcb1136109991fe855c4b5

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\JPP8A3XG\www.youtube[1].xml

MD5 1246a2f9f2d4155846ec56b4ed3674e5
SHA1 c8b351c010a6fd3060f6c9aa34ee815e7d1ec2a1
SHA256 a428499f71c4f584eb5300a83405f1c8cfdcea5c7c3dbe77bafe0481ff65a7a7
SHA512 40d84639f3cb6773be80375fd8eca5eaa0785e376acca22092a6cf1f2e8152cd4c27cec06bca728671d3317b900144191a1a9dcf6a37fa76217582d60c94b85a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 204df30d0d9064755d42402f97714455
SHA1 ce18225ab8b5b6409c70b4409224335e3d9b8188
SHA256 aba5eb9ae77649ef35705e610cd94d6362f4dd12227bd5293d16fa39d52f5dfe
SHA512 5fbb6baabeac604dbe1506a35213287c114ae0268a34e458be19a0ed66a24a0f8ca5f1b3bf7195fc9a667017b8412cb8386839d6c914c455cea6283de58ff7fc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8f612f5eeb83458795636c473276edb1
SHA1 9986a4388ed3030275590b5b77cd0f8f31dedae2
SHA256 5d0a782b99e8eab8f9cc4fa34deada7b50285af0efe99e2ffe081d99baf28069
SHA512 04aebf56123f24ff221d6d34573b473df0efdec9047596634939b78e6afa050d3f30119fc020d10287fb2cb3668e085f2844ff874b59179b222eed3c8b4f1870

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 61c138c11bbb335aa84aeb9f342c2937
SHA1 fa6ea8e49551b2bfe23e8c87c7182350620a8c2e
SHA256 b4f4293ab3f0f528c4cc1c6707eeba5c27411d9a75e98b419597c3a04d45a26d
SHA512 1fcb734ba44c39d24ff534e42bce8c351d5c78d9361c0d978556a47ca58abc47a612920e4ed2007642ae1bc284a200aba644db57be4d6d583625b9c4381a1f67

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d4a7dfd5345d687b513a7eb38f15bd1b
SHA1 198e2079459b3a2c30b4a0947c702559f7fd2fb3
SHA256 3c9b16108ab544fd0b31a1fb7494770662ee44da00c7f0569d29a7749ae9494e
SHA512 55a120cc838662f61a10423f70e356b84cc54371b9cecdb8ca0cc189782bde43c9acacecbd2770f8225193429fd6d49a4f577e5bc5c4252a25c09652f031f8a2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1fc4d50cd9a38883fda0701ea6e21d79
SHA1 4cfc0051365bb2c3c505f75a51f4fd1dd50d11e6
SHA256 fd85ab14c5054094fa30d84b0a2407e11a3d08f145cc2dc8788a2a1a24e8ab80
SHA512 16ac06f89ac2d6c27d3fd45baed27f6389cdce67e9ce957fdc93c740296cc0d830e71a38939e6f4341e4286b47684df245a4b3643114111c079dedddd6616d22

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d7e2f85478a331875e4f34a1e911ff70
SHA1 4fb3f7caec80ff7a10a1c43295008c42b7e90abc
SHA256 83c865a9203b759295b1802e5a24a6fd21084629f315c771d47450ab2092fb04
SHA512 7f3a7610658e7bf21d3072fab27c04103b22d623d08b0bdcc05ef7af0a201321e2e44bac9367ad373b9432ecb4fc956d5c23ac4fd5594d196465e01d5f72ebf6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0b8af27a5119501266b5d5a4d766704d
SHA1 54cac958f47de8d4f228093234d81ae332c637e1
SHA256 5bef469fbc4b38fb5a9e594fc199c83688f3d3bc2168116842f8659d49923618
SHA512 f73a43d037b896b5b1612c5cc783e2be7c686b85ef6357296c6514ffd1ed5b514ee846fdf3d10ea4b7a98b3f340bf0126a2e8d09fc1161fc7ba6c22df3155198

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 f0cf68982ba9e23105c4115a021fdd4c
SHA1 4b935c15e224bcf3ed31f6d7c560505bbf496e57
SHA256 8e937b47c03858b88affff1c2c8c4333cfcc44b5dd7d9073933ee3c752153bf3
SHA512 b39b0af012a516428ab8b075e29246efb7efa252b639827a261ebf1872488ee88045804e103259826be824c62c2c861b6645da44cd08313cbae8695435effa91

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d08907d5fbb9903f5bf31b54731e7686
SHA1 7f2c114d2fa94d1bfd1d4666f748c2fff13489e3
SHA256 1fbf9dc00647e59e3b72f4b30af759dc30e6e207f3ceab1d9b34122c043732d9
SHA512 f70e1fee7b01d6a318cac9449c308dc790d5d532cc180b5d0ef7a1d374e01485100ae0285f85d5a151d64aa043017604f6e8358066b238ac4f6184bc32e0a9fe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0ea96ee189d504f949f3aac4f2574d68
SHA1 936c683ef3a0a4c361c1afb86a214cd638fabd79
SHA256 26d67afc50739cb0caddf7ef1d2393a1b90b97d73377d5821d148d7e764c4361
SHA512 606717a3317014cd0394450e03a99e40da43a2e0c1f83a0e1924fbce1b73d95d1c0cd54353380122ba9277d64d9a20f053bd22a64be13bdfcd795c7e23cea398

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cffc28a20f3266c6c88fec4d321550da
SHA1 13103ec1c5f9d5da257bd2035cfc498119e3ec7b
SHA256 adf6d2e9c3bcf06c8a2f73df572bafaf84fb72a79bb7507cc6e148bcb401972a
SHA512 f022e0ee5c23927363e0105c6a4763055272caf6135276f9925d3cc22991ce20ed7c9b21939e843e331a87e992dc7126adde4464d6368e09c16c0e79f958d1a4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 86293f9cebd44cbce0021fc3b9f83e77
SHA1 ae7813788b6487bec120403ebbeff55d73d52f2f
SHA256 89d0f193fbde300df5a1a4127d8c0f28c7227620849e11ba38e397df92cc4282
SHA512 e944c23f8eaa91b47f9d9ea37671379fb18ea1421b3cc31d4d9afb360025b388815c215bf7fdb6df1f76d981989de7a811b7a8b1da3ec55350d2bb927caa4f19

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 21a2de57aa1552f1a5d0fbae389c3434
SHA1 8c4042f00c6498cbee6741a9fe6d855752bcb7bb
SHA256 06af6d807cf13b0fcd113d3fd531c3692da21826e7853520efd9b484c49ccd16
SHA512 a92f0da46ae20e34bcc7b8768a5d8937081d7ebf1c38f6b1928cac474d5ce63c3ae5c4c02d71f548721985f8b80a3e37cbf092ebb7eb2ce04f78c9d0eca39c91

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b61bfd9625d12a3d119b37689ac11677
SHA1 52a1399854eb2c37a168b6c37fa0d08cdbd25621
SHA256 f6ac987d8b73cdf1297b8c520612d2dfff1dd2a745d7d1f2c2e2294a13e7cd3b
SHA512 044e998b7e4369e23fc1763384336fa589f41138881ac7817a78dede9a32691a8696f0c45a7e9559137a456a9744f22bf61b7d04fa1ec70668e7044a5b3ef65d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 462df5f230516796a043d69f9cf8fe90
SHA1 45e7e6c4cecf2134825f377c2e62245dfd5c18da
SHA256 655d9da27e8be77392b5e546f044d8874fae4d702f1ca9ebc67acba901b446c5
SHA512 4fba9efffcf210be75fcb9fc73c815f6b2664360e174018110ebe563d1adf0298f3665d20c5e15b5a031d80aae571a37bde2d2e27b3d94e90b749285e2b76a2d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6e1bc55f051774d76cdf7083a3c1f40e
SHA1 837fb307cf3e028cff55e3701ca9aad23e3603bc
SHA256 22d43d75167670dc96865c24db3c365a7a20645e7d0e67e5babd91a213360fdc
SHA512 7034bde7501f7c1e72ccb6900bcbbe3d970a35eb822b0f7cbeeb58c7f098746ee9695046c2b7596e4bda47cd159aef5499b737369e4879945568915f4713f9cb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6002baab52fc850039650f015cebb374
SHA1 25e8a9fac345b8c1015fce5208406b6de3273457
SHA256 94b3e010fe50212e7501fa1921900bad57a604b3ec85d5534c0b4aee27b71e01
SHA512 cdc57e164f10bf153ae99b5e9e9a831935db17f47476e34025cda4f088fb472b473d344e28c1fe83f6b36964b43924f8e056e66bec2c53d8f6b9712902796601

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3e22b2ea28213e4644dc8f864e83741e
SHA1 41647366a3fd7135df009185433e87bbe579671f
SHA256 c7eead1febbc9e1494ea87670de22ebc9a8e1ef37766144740ba41bf454fb23a
SHA512 5e676a2044311d2e5ce6f318d66f95d78c4e72b80025c5ffc0b1bf2954e45bb240aaac2b3a9b0729b93d9e858a77919c33d9046e23a038b425d124474ab4b5b2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 45f96cc201dd28d3490c958a4230594d
SHA1 32dac9c3387eb5bec6d8f5527f3b244da0fa78b4
SHA256 0cb494245afb53968a99383a96b6e3d4ed9d9662a31dcc54db025a00f656d3cb
SHA512 66d427081db8044d1d3286f0687e71c8a1ca3fb47e9f8efff264ff93acca35b72e977bbca8e1525d868ec686f6674973fb999863e6094098117b836c21f76707

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 43fe181e57b763094e84a3da28f6680c
SHA1 f21440d1dac53c93ff62e5135b5f0bde252274a5
SHA256 ef772f1097b5a8ad18bca9152c7cef395915e66b6c2b37a4d0cc1fb5143134cd
SHA512 1791a13c75f5c77712416ba70f50c7be82094993fcc2cdbfb37775871d91e84185dd9e20a8f768fbdd93e5d81daadf792097a7b74ce7e886d8b650e7f3f1ee4a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c58c20a47019ba3f0d9a3876edd9c4b1
SHA1 4f1392ad168dfa5d082eed232377eb9ff26b7425
SHA256 723a4e4de4d778fd4a85eaa0cee9cf2e13eff6386e8d114d19d8c89d055aedfa
SHA512 22e54db2051d5b1d15e4e73501a02f8e35e691db6c0693b86982bd7b586fbe13f8ffd15f99efd84d33a61af4ae777322aff99b41e1fee803b87e2562aad9a240

C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

MD5 da597791be3b6e732f0bc8b20e38ee62
SHA1 1125c45d285c360542027d7554a5c442288974de
SHA256 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
SHA512 d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 08:07

Reported

2024-06-13 08:09

Platform

win10v2004-20240611-en

Max time kernel

148s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a48dac87802f2e4d7aca5b830b042377_JaffaCakes118.html

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4576 wrote to memory of 4588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4576 wrote to memory of 4424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a48dac87802f2e4d7aca5b830b042377_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffb325c46f8,0x7ffb325c4708,0x7ffb325c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2936 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.dheya.org udp
US 8.8.8.8:53 s.w.org udp
US 162.214.80.88:445 www.dheya.org tcp
US 8.8.8.8:53 www.dheya.org udp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 162.214.80.88:443 www.dheya.org tcp
US 8.8.8.8:53 16.43.107.13.in-addr.arpa udp
US 8.8.8.8:53 19.53.126.40.in-addr.arpa udp
US 8.8.8.8:53 88.80.214.162.in-addr.arpa udp
US 8.8.8.8:53 144.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
NL 23.62.61.121:443 www.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 121.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 162.214.80.88:80 www.dheya.org tcp
GB 172.217.169.78:443 www.youtube.com tcp
US 8.8.8.8:53 api1.websuccess-data.com udp
US 172.67.72.116:443 api1.websuccess-data.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.153:80 apps.identrust.com tcp
US 162.214.80.88:80 www.dheya.org tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.78:443 www.youtube.com udp
GB 142.250.200.22:443 i.ytimg.com tcp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 116.72.67.172.in-addr.arpa udp
US 8.8.8.8:53 153.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 22.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.187.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 www.google.com udp
GB 216.58.213.6:443 static.doubleclick.net tcp
GB 216.58.201.106:443 jnn-pa.googleapis.com tcp
GB 142.250.180.1:443 yt3.ggpht.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 7ixtke6ehh.execute-api.us-east-1.amazonaws.com udp
FR 18.164.52.40:443 7ixtke6ehh.execute-api.us-east-1.amazonaws.com tcp
US 8.8.8.8:53 40.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 17.201.222.52.in-addr.arpa udp
US 162.214.80.88:443 www.dheya.org tcp
GB 142.250.200.22:443 i.ytimg.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com tcp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.173.189.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b4a74bc775caf3de7fc9cde3c30ce482
SHA1 c6ed3161390e5493f71182a6cb98d51c9063775d
SHA256 dfad4e020a946f85523604816a0a9781091ee4669c870db2cabab027f8b6f280
SHA512 55578e254444a645f455ea38480c9e02599ebf9522c32aca50ff37aad33976db30e663d35ebe31ff0ecafb4007362261716f756b3a0d67ac3937ca62ff10e25f

\??\pipe\LOCAL\crashpad_4576_XALSXPPVRCZCDKES

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 c5abc082d9d9307e797b7e89a2f755f4
SHA1 54c442690a8727f1d3453b6452198d3ec4ec13df
SHA256 a055d69c6aba59e97e632d118b7960a5fdfbe35cfdfaa0de14f194fc6f874716
SHA512 ad765cddbf89472988de5356db5e0ee254ca3475491c6034fba1897c373702ab7cfa4bd21662ab862eebb48a757c3eb86b1f8ed58629751f71863822a59cd26c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 54027edcc570689c77083e2891421dda
SHA1 81c9f89dc293e214c90ca26ddaf8daab6394f7f8
SHA256 6c061e1d33b960008f7379499060273b06ab3dab2baa5495d4a194f1d6af1c22
SHA512 5573e578410769260cd9b79f847d4022cddf69a9607e9e65aacdd9f6d3e78417c45a0957ca1c23b9e69549679df7fe50bff7d6ed56e3cf75dcd103115f28762b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d26f1b1f62ab0be9fc44f848274e9b1d
SHA1 2a8dd86ceb8b4cdb84fc39a15fee254031d7297b
SHA256 05cdfbfa072c1aee5611117329d07b2055542e3421b1ad7088b5dd11583eef01
SHA512 858281d8e92050b1dd445de89d62987fb5a2bc8d63121e82d6354282461d3e9546a467d78eff43ef2aeea9f43997fd96c83ede87027f0193b034f6209f9273e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9817dcecc92b65c9aa61544c9de85a91
SHA1 692ccb4d234074d17045d67ab1fd94633907ec73
SHA256 606d5203ff88606fc410e100fb186c7fe4b4581ea62e9b40560ef952f1bf209a
SHA512 e73ae4e032130a61f71a4fcd5cbc1d914b1dfeac8aa462d9e4387de997094292a3cce5210c09838a21f6e786c9c4e3ad1b560af97b065e509839d75a18378c58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 807419ca9a4734feaf8d8563a003b048
SHA1 a723c7d60a65886ffa068711f1e900ccc85922a6
SHA256 aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631
SHA512 f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 91b8289d5f496d9f0620ee6d85d93e0c
SHA1 0b63393bd89f14b11add6e803bb8a4ea53f5fb5e
SHA256 beaf41a4d72aa62e63534da0aa7b3ac7436d6217fe029d8b1e1b40e1e0266558
SHA512 3d3f452584cf320b9639ccd6785869a32141b8511c53170957d6844e9355fb971ed27c61d14e9d06ed441a86e8d33ed7e6c036401c9c837d570b8de0195956aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 793412cbd07be9ebe156d08d191efa55
SHA1 d78edc75c539ddcf2a12ffa9925b5d075119ae32
SHA256 29045374f28124fc1f50482562207db610cb4b4976ca3a83bc9869396b8a3328
SHA512 46dcb064e1211d88a57fea378b43360f05acf24fa2aa8bb51e7423176b3c9174d1c26219475ea7fb479f85b0e5ccd6a979282d6e9682da77c5bdc21bc54bf256

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d793.TMP

MD5 8c86e6c37ef34856f4b4ee0159b64f74
SHA1 6d66eb834089700205774daa628f15d4a06b432a
SHA256 2167ff20f9e9c8826a580fda290e4db7b5302cbf07e0c4db5f73cb8181b2db16
SHA512 c666b065c94ed60f45543a9a02eaa3f028e158d31492c07e9661b0db5f6f9bf2d237d46c124ae4db8d749594aaee6fd743899607d3b1ac7280c3a7d3744d7ef1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0713315b933f97e23e4387c229ad9cac
SHA1 daa4bf47b361c4f85846e52477c9a60268f0d78c
SHA256 e5555a482edb15a4f1ead804b91c60c1e9b89c43d7de4fa8e6258195d7ef42bc
SHA512 7d32ec05e744d6826d50d42260ffbf883dfd28652a7671cb2f4b5eb7a0d6e59a27e74906519d5b9ba3809ca00cd6bb2e5b37c3fd0efc70019ba0530b73f86213

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7e03b155adb2984eb08f9ecafdd787a5
SHA1 2d3fcb770c459a3cf197d32891ec054f65121790
SHA256 cf33f481b0551aa93dc653f7eadc3388a19080538fed861e32e1e870338c7dcf
SHA512 f3bb9bdd7169403decd2180008971c38f10dc73819ef21c8e6eab4fbf395782f080f8f639938b5148af10f8db9c94a37a418214151f9f175a5c2f5258926e05a