Malware Analysis Report

2025-01-18 00:54

Sample ID 240613-lqn9xsxdlq
Target a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118
SHA256 b900718a92e98ad142d42c6179acf133636be6e5dec94f996e9e4ec3edec3ded
Tags
Score 1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 1/10

SHA256 b900718a92e98ad142d42c6179acf133636be6e5dec94f996e9e4ec3edec3ded

Threat Level: No (potentially) malicious behavior was detected

The file a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 09:44

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 09:44

Reported

2024-06-13 09:47

Platform

win7-20240611-en

Max time kernel

146s

Max time network

150s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 09:44

Reported

2024-06-13 09:47

Platform

win10v2004-20240226-en

Max time kernel

142s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a4e8c7e6687e849c9c2615fc57ae98a5_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=744 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=1980 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5076 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5564 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5756 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=6036 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6308 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8

Network

Files

N/A