Analysis Overview
SHA256: f1bec1535c5c03afe5d30d7b3ce4bd65aa54e478c22525b217fd193ab16c9fea
Threat Level: No (potentially) malicious behavior was detected
The file a48dac87802f2e4d7aca5b830b042377_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-13 08:07
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-13 08:07
Reported: 2024-06-13 08:09
Platform: win7-20231129-en
Max time kernel: 146s
Max time network: 139s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006440b42a5bf99e4e84f0f94a099ba4260000000002000000000010660000000100002000000071c35c5b1c95e083f627997c2cc0ba49f43a68e9d980736b403afc7dca3ca925000000000e80000000020000200000007c6429bff70f4877320777a3a02470f4f22abd496dd6e215ff8935e495db2ead200000004ffaf03071ec36acc6f7111081e63f9e801fbad4b832f30301db4f3592642b0440000000ccaee4316df7af4166d2b6332e1e74a8d0e8d52a9ddce349606bbde5296728d0375dd41a2584f793640a699c7127a798e025e62d0d97951db3cb543dd29403e6 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424427901" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80c3720a69bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{F0F71C81-295B-11EF-8857-46361BFF2467} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 2900 wrote to memory of 3012 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a48dac87802f2e4d7aca5b830b042377_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | www.dheya.org | udp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | api1.websuccess-data.com | udp |
| GB | 172.217.169.46:443 | www.youtube.com | tcp |
| US | 104.26.0.65:443 | api1.websuccess-data.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| US | 162.214.80.88:80 | www.dheya.org | tcp |
| US | 8.8.8.8:53 | x2.c.lencr.org | udp |
| BE | 23.55.97.11:80 | x2.c.lencr.org | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 162.214.80.88:443 | www.dheya.org | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| NL | 23.62.61.160:80 | www.bing.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\CabDC6.tmp
C:\Users\Admin\AppData\Local\Temp\Tar103B.tmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\JPP8A3XG\www.youtube[1].xml
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 08:07
Reported
2024-06-13 08:09
Platform
win10v2004-20240611-en
Max time kernel
148s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a48dac87802f2e4d7aca5b830b042377_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffb325c46f8,0x7ffb325c4708,0x7ffb325c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,12786014305371194831,3094146132817127329,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2936 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_4576_XALSXPPVRCZCDKES
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d793.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index