Analysis Overview
SHA256
b900718a92e98ad142d42c6179acf133636be6e5dec94f996e9e4ec3edec3ded
Threat Level: No (potentially) malicious behavior was detected
No (potentially) malicious behavior was detected for the file a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118.
Malicious Activity Summary
Modifies Internet Explorer settings
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 09:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 09:44
Reported
2024-06-13 09:47
Platform
win7-20240611-en
Max time kernel
146s
Max time network
150s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "11197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50a8795f76bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{87E1E501-2969-11EF-B918-627D7EE66EFE} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a807600000000020000000000106600000001000020000000c43f0c3ccc3b7c2cb2be09c49c59a01531a8153e18bf29574b8db951b5bc950f000000000e800000000200002000000011b2c97977c8b616063c67d4ba3b08775c192512495acdc9006c9920fdc40dd3200000005a0e41c01d042ef296bc8486737c421a6f1b649a3c7666c2acf090e76f37135c40000000ece3f07805d1aa6dccd062987c9a87d555407b920c96032347d3dc2fc4b68e968563e64d77f24fbb69fe539d85d9527cbf5cd1c3e13f1a1a866a21f5faf71320 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = [value not preserved] | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "233" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "11197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "11197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424433738" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "331" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1696 wrote to memory of 2592 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | skidrowgamereloaded.co | udp |
| US | 172.67.218.22:443 | skidrowgamereloaded.co | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| IE | 2.18.24.9:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | x2.c.lencr.org | udp |
| BE | 23.55.97.11:80 | x2.c.lencr.org | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.214:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | fe0.google.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
C:\Users\Admin\AppData\Local\Temp\Cab54A7.tmp
C:\Users\Admin\AppData\Local\Temp\Tar54CB.tmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\IDSYKQY8\www.youtube[1].xml
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1B1495DD322A24490E2BF2FAABAE1C61
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1B1495DD322A24490E2BF2FAABAE1C61
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5LT06Y3\recaptcha__en[1].js
| MD5 | 8a3e6c28c919ab61febfbca475fe8abb |
| SHA1 | 37724431e64b3213785883e2e4363871795ce26f |
| SHA256 | 1f8ebbafe95b27cea8846b768785cdac6cd2e99fd2476d84903526558d02f970 |
| SHA512 | ea631bcc8d39af8255e9015587c846c3521e31a9b2eb0511f59527118f88a9acb120945943c4be471c97a1c05db37c47433077c1ac7e9e3047b51de7c0f9e282 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2539f729bdb4534d038e51e05227752d |
| SHA1 | 43ac486981c89d8e61e7c3b1fa4636a457ea956a |
| SHA256 | 8f1763974a0336416123e8883da144d8ecdd568beb3b1b32cfe23bab9cfbc777 |
| SHA512 | dc4afb5f6b4759482c74576ae2ad68d256f59bf157f3fa72cf4ffb447ca19c5933422ba83a3e4dda7116dba1b4fb4d2f22c8f74042c6b63980879b64eb75e67b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0e4c30a486e102b82a600c701a9a82fe |
| SHA1 | 6fd88bb37066028bc7b77250b79731aa3e31a40e |
| SHA256 | 7d60ff545722db2adbe8217311a1566bc3d48f9e9125bd0290520b20b436b749 |
| SHA512 | a044ccecce6dfe629d699668071df90281bdcef78cb61238b296c4f034ce0431a418137cdc1a64d7aed263d5318e1b23c339fc8ec49881e7f2905f17c4ab727a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 721b684976b0cf59119475af58d38f66 |
| SHA1 | f83669c3a6dd2cac5665d50ea0708e694248fb7a |
| SHA256 | 7984c3f0aa26b0546e65da0f39710a68fdf9124c608f69c477fb2b306d45e686 |
| SHA512 | 3931a83e99b6fbe6cccba970a901bd175b3b20fe594c7dba4371e4fd68de232b060ba7ee48fec8627367d1bbe91fe460aa323d4342641e35c5289dea266b7bcd |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 09:44
Reported
2024-06-13 09:47
Platform
win10v2004-20240226-en
Max time kernel
142s
Max time network
151s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=744 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=1980 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5076 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5564 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5756 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=6036 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6308 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8
Network