Malware Analysis Report

2025-01-18 00:09

Sample ID 240613-q1tdva1elg
Target a5d9a487ff3bf26ac0b4e499f9709b89_JaffaCakes118
SHA256 5a8283156ed76678027035c0f9123ca480be949f38ffe5461df73ff53973efbe
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

5a8283156ed76678027035c0f9123ca480be949f38ffe5461df73ff53973efbe

Threat Level: No (potentially) malicious behavior was detected

The file a5d9a487ff3bf26ac0b4e499f9709b89_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 13:44

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 13:44

Reported

2024-06-13 13:46

Platform

win7-20240611-en

Max time kernel

119s

Max time network

136s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5d9a487ff3bf26ac0b4e499f9709b89_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a8076000000000200000000001066000000010000200000004dc75b13c3dddbe89f66c3792b0a400a70dc1afda47ece52b5ae2b49b7a6d16a000000000e8000000002000020000000a3fe9145ff45c3f119699d87a08d724af8f4e961d40cffeef085ac4b9cd5e410200000002bbc147c98250654fed83a0cca1b26642871497927c37241aa109421a54eb4844000000090c81c1d91e33939cbe9d18b83e967e4633994e863100ff5a3c365c0c517be53e9f6b9f6b729f9e392f3c9012e620acd4593db6cfdbe82fc23ca036daeeb2ab7 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424448122" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80260dd997bdda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0326FB31-298B-11EF-9266-767D26DA5D32} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5d9a487ff3bf26ac0b4e499f9709b89_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 insertspermanently.pro udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp

Files

C:\Users\Admin\AppData\Local\Temp\Cab7D2D.tmp


C:\Users\Admin\AppData\Local\Temp\Tar7DFC.tmp


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 13:44

Reported

2024-06-13 13:46

Platform

win10v2004-20240611-en

Max time kernel

128s

Max time network

138s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a5d9a487ff3bf26ac0b4e499f9709b89_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a5d9a487ff3bf26ac0b4e499f9709b89_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=4764,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=5024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --field-trial-handle=1424,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=3940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=5264,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=5280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5256,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=5440 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5432,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=5516 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=5884,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=5852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=5880,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=6140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5764,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=5668 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5472,i,11751898164297348119,13021661521765644467,262144 --variations-seed-version --mojo-platform-channel-handle=5732 /prefetch:8

Network


Files

N/A