Analysis Overview
SHA256
8a3c941365dc77ddb9c6e72d05fa1e2aeac7a4d9917a60b5e7d934b8536a72b3
Threat Level: No (potentially) malicious behavior was detected
The file a5d1ecc820cd761ffc20eca6cc099ccb_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 13:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 13:36
Reported
2024-06-13 13:38
Platform
win7-20231129-en
Max time kernel
142s
Max time network
144s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424447651" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{ECDE03B1-2989-11EF-882F-5E44E0CFDD1C} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10ec9fc496bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000759e7cf62d0a0c4782efff32562b88cb00000000020000000000106600000001000020000000e68061491c9fafdeb674641dda5b1adeb781465a973acb93a90ff54077e80842000000000e8000000002000020000000b6aa5298d8baa111ec1f18d32a5932e5761978396ac4fd34fb0a08d18c6c3bf220000000eadfc10a44fa51d468561d26d2a8dcd141c3712f9ae529a982411a9cdf36424e400000001722abe409d836aa1d452015abd12dcba86ed3ea8115fd43f7f0a0c3f8a918289480a15a3e7a429b1372980539ed21023e53738c76d67fe663ca725946fefdb2 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2784 wrote to memory of 2788 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2784 wrote to memory of 2788 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2784 wrote to memory of 2788 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2784 wrote to memory of 2788 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5d1ecc820cd761ffc20eca6cc099ccb_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | secure4.office2office.com | udp |
| US | 8.8.8.8:53 | maps.googleapis.com | udp |
| US | 8.8.8.8:53 | www.beijobags.com | udp |
| GB | 142.250.179.234:80 | maps.googleapis.com | tcp |
| GB | 142.250.179.234:80 | maps.googleapis.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 65.255.23.11:80 | secure4.office2office.com | tcp |
| US | 65.255.23.11:80 | secure4.office2office.com | tcp |
| US | 65.255.23.11:80 | secure4.office2office.com | tcp |
| US | 8.8.8.8:53 | www.hugedomains.com | udp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 3.130.204.160:80 | www.beijobags.com | tcp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| SK | 213.81.133.141:80 | | tcp |
| SK | 213.81.133.141:80 | 213.81.133.141 | tcp |
| SK | 213.81.133.141:5000 | 213.81.133.141 | tcp |
| SK | 213.81.133.141:5001 | | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| BE | 2.17.107.235:80 | apps.identrust.com | tcp |
| SK | 213.81.133.141:5001 | | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| BE | 2.17.107.99:80 | www.bing.com | tcp |
| BE | 2.17.107.99:80 | www.bing.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 13:36
Reported
2024-06-13 13:38
Platform
win10v2004-20240508-en
Max time kernel
133s
Max time network
143s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a5d1ecc820cd761ffc20eca6cc099ccb_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4000,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=3700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3976,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=3852,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5464,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=5528 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5472,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=4344 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5712,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=5696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=2088,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:8
Network