Analysis Overview
SHA256
597aae8c7cddfa18a2cc5b6d63d5f901cabe70e8c4b094e4942f617caa01ab3c
Threat Level: No (potentially) malicious behavior was detected
The file a5d23c063d194c4148107288c735186c_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies Internet Explorer Phishing Filter
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 13:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 13:36
Reported
2024-06-13 13:39
Platform
win7-20231129-en
Max time kernel
144s
Max time network
145s
Command Line
Signatures
Modifies Internet Explorer Phishing Filter
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PhishingFilter | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = 90b580c296bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424447679" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{FD8E9121-2989-11EF-9479-523091137F1B} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50f16dd496bdda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000002c1ebc0b151a64fae6f058938a0f4ea00000000020000000000106600000001000020000000f99b2e1a79b4dc8b4a60f1ed1c89b0738eda498fbbf8a86cf20c54dc38ca6d10000000000e8000000002000020000000ba683afe303c14ddaa0e0e8e39a3f0faaf46fb104281f0b8ef392f8da3c740ed200000006c41eb47f549ecb04a66a36796be620001b26fffcc443c3047e10fcb18590925400000007734185e9a75f2febac042b97f94e33190bf75353e66c952b83126b522970c2ce6142cf39eeffb0a68f569aac7f893bb3c92ec2bcf5004e623e142ec01eccfee | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1788 wrote to memory of 2264 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5d23c063d194c4148107288c735186c_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1788 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | static.mackeeper.com | udp |
| US | 8.8.8.8:53 | loadus.exelator.com | udp |
| HR | 65.9.189.97:80 | static.mackeeper.com | tcp |
| IE | 34.254.143.3:80 | loadus.exelator.com | tcp |
| IE | 34.254.143.3:443 | loadus.exelator.com | tcp |
| US | 8.8.8.8:53 | mackeeperapp.mackeeper.com | udp |
| US | 54.225.68.202:443 | mackeeperapp.mackeeper.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | ocsp.r2m03.amazontrust.com | udp |
| HR | 65.9.19.26:80 | ocsp.r2m03.amazontrust.com | tcp |
| US | 8.8.8.8:53 | assets.kromtech.net | udp |
| GB | 142.250.187.202:80 | fonts.googleapis.com | tcp |
| US | 8.8.8.8:53 | event.mackeeper.com | udp |
| GB | 216.58.201.99:80 | fonts.gstatic.com | tcp |
| HR | 65.9.189.52:443 | event.mackeeper.com | tcp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| BE | 88.221.83.179:80 | www.bing.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted: 2024-06-13 13:36
Reported: 2024-06-13 13:39
Platform: win10v2004-20240611-en
Max time kernel: 131s
Max time network: 149s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a5d23c063d194c4148107288c735186c_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4360,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4588,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=4676,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5424,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5396 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5416,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5652 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5972,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=6072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5976,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=6812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5664,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5868,i,3595107284059830391,18018199024659337217,262144 --variations-seed-version --mojo-platform-channel-handle=4312 /prefetch:8
Network