Malware Analysis Report

2025-01-18 01:01

Sample ID 240613-lfqp1awhqp
Target a4da2055d50fad8f27bf10e5f0ca14df_JaffaCakes118
SHA256 287db0ab6004a61b0a2a944e3bd580a51a271b081c6b4b92b5c09cd2d7f34ce4
Tags
Score 1/10

Analysis Overview

Score 1/10
SHA256 287db0ab6004a61b0a2a944e3bd580a51a271b081c6b4b92b5c09cd2d7f34ce4

Threat Level: No (potentially) malicious behavior was detected

The file a4da2055d50fad8f27bf10e5f0ca14df_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-06-13 09:28

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-13 09:28
Reported 2024-06-13 09:31
Platform win7-20240508-en
Max time kernel 144s
Max time network 149s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4da2055d50fad8f27bf10e5f0ca14df_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4da2055d50fad8f27bf10e5f0ca14df_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:316 CREDAT:275457 /prefetch:2

Network


Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted 2024-06-13 09:28
Reported 2024-06-13 09:31
Platform win10v2004-20240226-en
Max time kernel 143s
Max time network 156s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4da2055d50fad8f27bf10e5f0ca14df_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4da2055d50fad8f27bf10e5f0ca14df_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4812 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4860 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4332 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5452 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4332 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5764 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5932 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6052 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6540 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6648 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:1

Network


Files

N/A