Analysis Overview
SHA256
e331e946acf85ba7d7e81f48cff06ac5c012ea018bfba1caeb26c128d1ef4e03
Threat Level: No (potentially) malicious behavior was detected
The file a500083a93d243874ec6b431f9b55d59_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 10:06
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 10:06
Reported
2024-06-13 10:09
Platform
win7-20240611-en
Max time kernel
118s
Max time network
128s
Command Line
Signatures
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2440 wrote to memory of 2724 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2440 wrote to memory of 2724 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2440 wrote to memory of 2724 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2440 wrote to memory of 2724 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a500083a93d243874ec6b431f9b55d59_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
Network
Files
| MD5 | b68bc33a4e658ca100d0b86b537e8c1b |
| SHA1 | 6aae7208122aa8e18713dc1e300b8b13b6a07c0d |
| SHA256 | 38d895c1dc3160be1d2ff823d5db67e1261c760cea31506273ae05d85a9baaf9 |
| SHA512 | 01699d29eada8b3741c3fbe2f0b463e33deac6226b5c78430f92303e58e5c6f9b62fb83e0a954d5805e814a42053918e4f5f67fb29385bb1b10622d57c5d356f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 933534ddc6f0a5a62c18404b1efe4ef6 |
| SHA1 | 9be410c2d11d2139c50bb18840d7f7fbf002ec1d |
| SHA256 | 7cc078ecc617a010ad4851d85096da55050a821b1730ec771725fe8b16d3cdec |
| SHA512 | 12be01b0a6884d7e482fc4b2ce7d69cf284bdc2a2a4644c11b0917c41454a8311d648f2e32ef22baa14318f6376d39696710517fc519930efe751c66110a05d0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2c245191397de54776f666e4fc0d55a3 |
| SHA1 | f66409df44978fbe8adfbab7202d401e5b245111 |
| SHA256 | 15ae432b7dd310bf2d47b5637a8d66bf0dea84343067596f74924f8ea75304e1 |
| SHA512 | faefa01dd34e4b9da09587d5373b3674d97876eb1e8d6a06ad883a51471d9cba0484754c3c8f06b29446bd0cd88d0f907284e2e85805fc32a8f120249d43d568 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c2ccf00ab7e27093d254cf75639be010 |
| SHA1 | e6c6970c1d4a4ed1fed79e61b88a69a6552d056e |
| SHA256 | 5b316452bb79800b5eebc3c557df974af46582761f7462c2001211571949ccd7 |
| SHA512 | 8abf163476f83eb4e1f15ce5c7185499f2ce6f465590979fb529f25d774b0263fc2562f1d23819b9c089b4504ab107f3a3c4d80fc9095119273d36da3f2172e0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c43573d7b8593e228bf17fbc50d9b703 |
| SHA1 | 0697b11461ea8c8db8493ce88d15305aaef6e881 |
| SHA256 | d6f71fb7f2a415a74f9ded1b24b2f648b253a43dc1f7b29e4c3748f7444a8bca |
| SHA512 | 9d210099d0f28a721bb585058e78f924dfbf99e66b68ddb561295f71bee0b64e905952288dda365126e4b10a71630856657250c3cb52a828cb31a4cb832f7279 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 91e446b05abab09b56ec6c922eb54f83 |
| SHA1 | 0fa3ea3fd4b07bdc264829e0c2452e5f8fd4b6df |
| SHA256 | de583f5f39c2744b203d33637036b1f4cabb9844421721efbfe6eea8b7ae5c2f |
| SHA512 | 6e728604894df77442919741a42b2369a77479b42c5c40f0488e1822ff833c9a8e86ca4caf5d54faf964cc54062057f7dd8771f6edf0be0cc171f344bee550e7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2daeb1578cac6dd1ae5a805c87280e08 |
| SHA1 | 176f52f3a857b5d13bf3114edb824d828b99cc84 |
| SHA256 | 1b4180de0a21dd2793b2e29bcaa7c032821f281ae1011e7a15d400af6f867287 |
| SHA512 | 6d8ad917996eb71c0fb02126e7254a36eb6f33bff8742566e3b24bbb2f83b77e004520e3b8f79ebf6ad9e65fed84091dcdd77ae4d8584cea5c80cf00965026a3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ec4872a06b12568174c1a77e5eabcafa |
| SHA1 | 8857382036503975950ca3e8fe0973cd794926c1 |
| SHA256 | e5230fa8ca4434aba0b9cffcbef4f3e235a499d8583cb53c49b37aa05c23dc85 |
| SHA512 | 0f8a6ad3067e1b6a81c47814839752664b54b578ec93d5f02dacf3752e072b71106cafca84ee8114368fa89c26979778660305790469cd8898521a2f7a5be661 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e70a861cda972f707101246644bc6d00 |
| SHA1 | b8bba34a17ddf1838f05b2cbb1c0799e81babb79 |
| SHA256 | 6c08a86c641f45b4c5800daf896c4a1c86f2bc1b8a9e8ec36f295e4730851b9f |
| SHA512 | 216d90811cf1081dc36af3da54f2c355643f77bc2ff52e2a137dcf1be4ddb3d4e1f3021160badfd9105be565b4e87b5a8c81beb9b86a57ca4aa629c165f45f01 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3c87be53534daed383806d28f29fd685 |
| SHA1 | 8c560157eb966112be464b1b251ce916d2a1364a |
| SHA256 | a69a38196d38a017c7725e3bb7cca92768df2693d7aafb51d851b49d9cbbf63a |
| SHA512 | bafd7cb8d45fcf157420cfbf52ad1bba6768ba0b362d125323fa36a64965b566b778b71a1cbeb364a8ce722b6ebdbb00ed12dcac2cd662b79c2292c23d212260 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e53669993d2d598284aacdfb3ab37ea2 |
| SHA1 | 3d238e247d423fec6ffb29bc3f5e55acf59a9af8 |
| SHA256 | e5bf5de57a345caf78c37865e51dc421877dac01f1d42bdb40fa82026ce33357 |
| SHA512 | b6201771660c3568e3390bf7f85d035fa835c8e9cbb150410fd39de0ac0d4d5e9551c331cadcd73b6c7176d5be1412648c2b5df8eadd1ffa52dd6f10b8dd3cff |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b1056c5df2f14cc50d842df7acb10c14 |
| SHA1 | 55c1234f826e01b45872548b394d9890e03f1ea2 |
| SHA256 | 1a2778e282259c8a38ed324ee2a370b7b19bd1451ec991a37a6d7f2f52cc6abe |
| SHA512 | 06808712002ad761ebda877fab8d3f4e5d2bc9eca515dd3b3827f5f26c328708ce16ccad1fa541fe86fb3d46a27a5d4759b0b3dce619a2d6e97d0fe264a34c8c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a651210f38e4be41efc970e0509663a9 |
| SHA1 | afc1ae0d8b418a847af009e5f5195a498f29541d |
| SHA256 | 34115edc151277a11cd1e84816438246efb774f6e0c2339042a268cc4ddcbbd9 |
| SHA512 | d125ab2eeb7243907d0fb54a781831edbcb7ec22e93432288b1c330c5af24ea8ceec3a3ba09b735d352a08d548d3aba72ccf1f3f0fa65a10f4c602f194081b8f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3212c6ff89b0072a8d8516c1c4d0851c |
| SHA1 | 8f7b3ff348db98ac78864a9ebb1c4390b45118d2 |
| SHA256 | 33d6d7a5a5ef703c8e163634551206ef4e3caa9855917604d8633837b5c6a43e |
| SHA512 | d752eb1c02f465187ea026809b3f4a661607eba9c0cc01023119fc06aeab5221a9d08780c47b458657e1927c613a10fcf615f1f2a8518aa6d329ed11fda80d39 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 84ab6b42ad0d5992d83fbc82f1cd2716 |
| SHA1 | 36a9b4479bce96422dbd6fc5a01f2a2b40c7291c |
| SHA256 | 0f27c46e47deb4016cfe26921731f9be61c7904ef23d56c6ac70f2b4210e8d7c |
| SHA512 | 07e0eb9d7d1ab74f27b35163c84c997f743a7110cff18299c49f4b18cc729dc31b33879c058b10b740d0af00c9e5881d3ab7e6f5c431cd855820608ddfdf1da8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9d055fd025cb1f37838283ad1385b6d1 |
| SHA1 | 8c82f23cb367b26b3a05d91da06c874e3eb8b2dd |
| SHA256 | 8380743c9e409b0b86aff48a35f476403050085ffc40c69d982d09a32f9cf9ce |
| SHA512 | 61c83a97d722b449f11d40f98fed68f9a148f970b3875d062ea48073a41e63a07eb9e8daa8dbf572609a53e3c6458055c0e1fc3b2c18a3190dfe9f098ffa3f30 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 340a4b988bb9affe3ae3cbb7fd08551a |
| SHA1 | 779026064ac958b9449c1db28c556deb94c30ca8 |
| SHA256 | 597520a27726e4911804afb82cb7689706b2da750983daae7b232e179ac1844a |
| SHA512 | 6fe9e631e49a46be2081ac643430ccb8c59b5d52415ffef45061fdcb77ac52c166e17364d2447b26d733a06f7727584a6df2adfdb7eeee7ee8e03e2ec66a6e5f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ebd74932d43c02abb71dcf47c0a7e6ce |
| SHA1 | 370cadd6101ee31510a092779711e04477d05773 |
| SHA256 | 2e44e9fd9878e18c32c42c511caeb9b76e6b0a5c0d101c494ff3ffa64ed172f9 |
| SHA512 | 5604b3ae80248d00e7f61e848363d0d73fdfff846aba6c5f8ba4555ca11365de03335b6815ef4d5a9dadcbafc099430da7849d13496af7b82bcbc4502a575c59 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\42CQJEG7\www.youtube[1].xml
| MD5 | b81ade400d1efc8a549e98fe0cacbe94 |
| SHA1 | fb63607d622183b5187249a48b18424a8f16fc9c |
| SHA256 | 7c0f722438e65805408ccd63e3ecabcb4aaeb7e184e2bc06f2c49d8279daffb7 |
| SHA512 | e055c94e61bb8da2898def9a65a443a8cb2b190f3d6cdf7e8fa4df5a2186889a2f0780c02fb6128a42e6918909fd9f3393893979d6533291239caba32d04020b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\42CQJEG7\www.youtube[1].xml
| MD5 | d922dc34b5152d43da20892db0b8a49c |
| SHA1 | f7506f5d57877de1fd03b379eb40a7929c6e7621 |
| SHA256 | 6a8eab8bb2e639248a0f3052f73ce6e354ccb81bebfebe8cac5fcbc8aa97bd69 |
| SHA512 | ffb6935bacbcbce41b66eb7b6d15cd784b168ed3371ab2639bbb98aaa5bf739f1e178902f0f723d652c77194ea3f2955a7b4da9ad4688773c35eefbc8bebeb60 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 10:06
Reported
2024-06-13 10:09
Platform
win10v2004-20240611-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a500083a93d243874ec6b431f9b55d59_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8d18a46f8,0x7ff8d18a4708,0x7ff8d18a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,14047237896113224516,16283830565101571513,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3444 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | konthaiusa.com | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.konthaiusa.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.43.107.13.in-addr.arpa | udp |
| FR | 163.70.128.35:80 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| GB | 216.58.212.238:80 | www.youtube.com | tcp |
| FR | 163.70.128.35:443 | www.facebook.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.128.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| NL | 23.62.61.57:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 57.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 82.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.77.117.104.in-addr.arpa | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 88.65.42.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b704c9ca0493bd4548ac9c69dc4a4f27 |
| SHA1 | a3e5e54e630dabe55ca18a798d9f5681e0620ba7 |
| SHA256 | 2ebd5229b9dc642afba36a27c7ac12d90196b1c50985c37e94f4c17474e15411 |
| SHA512 | 69c8116fb542b344a8c55e2658078bd3e0d3564b1e4c889b072dbc99d2b070dacbc4394dedbc22a4968a8cf9448e71f69ec71ded018c1bacc0e195b3b3072d32 |
\??\pipe\LOCAL\crashpad_2680_SHYOGVMGWNGQXLZQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 477462b6ad8eaaf8d38f5e3a4daf17b0 |
| SHA1 | 86174e670c44767c08a39cc2a53c09c318326201 |
| SHA256 | e6bbd4933b9baa1df4bb633319174de07db176ec215e71c8568d27c5c577184d |
| SHA512 | a0acc2ef7fd0fcf413572eeb94d1e38aa6a682195cc03d6eaaaa0bc9e5f4b2c0033da0b835f4617aebc52069d0a10b52fc31ed53c2fe7943a480b55b7481dd4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5c4436b05422837f44b44e26c7845ed9 |
| SHA1 | ca2ba5d1134cdd51e5b0ab9aaf5cced3995ef7ec |
| SHA256 | 8ddb324903832f8cc87d0e1b1b3298d0294a8ed075f8a3f7b4a347554e899a42 |
| SHA512 | 8ca44023888b717eff720774a75b665f58ba857d15eabae2d7ca74abc16831990a3defdebf554a473d9abbc4c0edd5dc52790976567c5c7c7c12cb736310b3d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 24027052b2c4582f7f84a532a0218aa0 |
| SHA1 | b4f7f3ea8c6ca2030e3560a2056dbdb5a390b8aa |
| SHA256 | 600dd578010553d7b213c7c78ce118177d2de87f0888afb7c55cb0c74cc75bfc |
| SHA512 | b96e8b3952298da5a111f25433fd5d0ec098c4a109eaabc8fdbb87fac2a5ecdc3fe5a4613949c651158bc35f5fd6c273c467f290cd633997b2089c4cc753acf4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b0a622bf72deb19896ec123a773eb16b |
| SHA1 | 4f389061b84a7dd2ded0922669399aec1adb9017 |
| SHA256 | fbb14db04a36db946a3acd153a769660188eec70ce988a0af91995608a83eb54 |
| SHA512 | f16e8ee680d1cbd545a9254affde90729ab201d09ea4a368c2327059da329cee98c0f5b96ecae966018aa8348015c7ef48918a4fc210dda3d4538b84e4bc6389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c110b77b5e29e880b3780c039cec455f |
| SHA1 | e88e13f7a026d3ad146235fb55038682239ff64a |
| SHA256 | f83afc95ef8951a011b4a21dad16d45f7f3d809647cfb9176deb254f0dfdfd5c |
| SHA512 | afdca0753bb5e95563e31009c74c0146c7256eb98aafe2723adb07f709e66bca98666f9249119472542d2a18cc95dcc9419d2b5df124b0e1d1212643da0c80cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 55839836d82bb387ba078e7135b2c6de |
| SHA1 | 98f1edcb55eb1a95effd2c494ff749894deeda67 |
| SHA256 | 35e4cf0b52fe48eaa0be5f67cd07d88a8c8d5f13af4b0414c1d812ca9753dacb |
| SHA512 | ede66cb7a1cd74d8c24b9a8e1b9352b62a8d7db3f4e760503ab7d57fd3bef475c52e987f049576edf51c1e9d289e56e417efbdd96c5ff246c7b0b2c8ecfc74e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | fa25ce6d391b9b9c9d85eda190a3d4e9 |
| SHA1 | 143c7fa9ef4075349d4cac4a59ab68483289846c |
| SHA256 | ba08d75a21471205952a3002e663663647f901c45a63540be1609f171bb838dd |
| SHA512 | 3b9b69c5014480fb1796f0ec246fc071c8e6162a0fe2cba38782bc6c5c40ad4eca7294ec18af4bd850319b0a14de078d60748171f89fe81330ed73300ce1867b |