Analysis Overview
SHA256
ccccd7f56ab7ad2f901549b6dc2387ad05ef30b8102f84a8970a583ffddfb328
Threat Level: No (potentially) malicious behavior was detected
For the file a4e44af4d0117c9f90fd2cd286287321_JaffaCakes118, no (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 09:39
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 09:39
Reported
2024-06-13 09:42
Platform
win7-20231129-en
Max time kernel
119s
Max time network
132s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424433444" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90a3abb175bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 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 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D8E6F901-2968-11EF-B69B-6AA5205CD920} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000009338a4a884776548b242834fcb5e709e0000000002000000000010660000000100002000000062146c3c4c890e104e64827880d7c8a2c065cc0ea385e6568209152d8251d4c8000000000e80000000020000200000008294bd6c102dfbf85af321a1fccc50a02db79d11bdd7c147584f1939e229541320000000f962653f1cf6162c5d49349f65ecfcb193ab0ce1899033bb706395123bd508bd40000000a5d94d070eaf4cf4cf11520d1743804ef721f189c0065af97b1fe40392e237fdc2fd496fef53b43a9c2adcb1a7c981dbffce6bba352e8d171e11deb225092bbe | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1660 wrote to memory of 3004 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1660 wrote to memory of 3004 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1660 wrote to memory of 3004 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1660 wrote to memory of 3004 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4e44af4d0117c9f90fd2cd286287321_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1660 CREDAT:275457 /prefetch:2
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 09:39
Reported
2024-06-13 09:42
Platform
win10v2004-20240611-en
Max time kernel
149s
Max time network
156s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4e44af4d0117c9f90fd2cd286287321_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff928b546f8,0x7ff928b54708,0x7ff928b54718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,9786356923591562676,14089307972507270312,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4872 /prefetch:2
Network
Files