Malware Analysis Report

2025-01-18 00:56

Sample ID 240613-lqcacsxdkr
Target a4e833985bd68fb5e0e945b8f0887a59_JaffaCakes118
SHA256 449d23a600aff6b1708b30413e3902cd0943b64645aad4937a17b6fb581963e5
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

449d23a600aff6b1708b30413e3902cd0943b64645aad4937a17b6fb581963e5

Threat Level: No (potentially) malicious behavior was detected

The file a4e833985bd68fb5e0e945b8f0887a59_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 09:43

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 09:43

Reported

2024-06-13 09:46

Platform

win7-20240611-en

Max time kernel

120s

Max time network

149s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4e833985bd68fb5e0e945b8f0887a59_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4e833985bd68fb5e0e945b8f0887a59_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 09:43

Reported

2024-06-13 09:46

Platform

win10v2004-20240508-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4e833985bd68fb5e0e945b8f0887a59_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4e833985bd68fb5e0e945b8f0887a59_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4484,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=3508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4280,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=4672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5012,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5336,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5380 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5460,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5604 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=4664,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=6864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=3964,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=7140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5132,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=3748 /prefetch:8

Network

Files

N/A