Malware Analysis Report

2025-01-18 00:11

Sample ID 240613-qwnb2avfmr
Target a5d23c063d194c4148107288c735186c_JaffaCakes118
SHA256 597aae8c7cddfa18a2cc5b6d63d5f901cabe70e8c4b094e4942f617caa01ab3c
Tags
score
1/10


Analysis Overview

score
1/10

SHA256

597aae8c7cddfa18a2cc5b6d63d5f901cabe70e8c4b094e4942f617caa01ab3c

Threat Level: No (potentially) malicious behavior was detected

The file a5d23c063d194c4148107288c735186c_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer Phishing Filter

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 13:36

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 13:36

Reported

2024-06-13 13:39

Platform

win7-20231129-en

Max time kernel

144s

Max time network

145s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5d23c063d194c4148107288c735186c_JaffaCakes118.html

Signatures

Modifies Internet Explorer Phishing Filter

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PhishingFilter C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = 90b580c296bdda01 C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5d23c063d194c4148107288c735186c_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1788 CREDAT:275457 /prefetch:2

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 13:36

Reported

2024-06-13 13:39

Platform

win10v2004-20240611-en

Max time kernel

131s

Max time network

149s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a5d23c063d194c4148107288c735186c_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a5d23c063d194c4148107288c735186c_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4360,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4588,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=4676,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5424,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5396 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5416,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5652 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5972,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=6072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5976,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=6812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5664,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5448 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5868,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=4312 /prefetch:8

Network

Files

N/A