Malware Analysis Report

2024-10-19 08:19

Sample ID 240613-wt5fesxepd
Target OneSwordGraund.html.html
SHA256 6c1ed45c772d54b3de34a4f84cf8f4568eaa607cf2c7fd77946ff91b12d54825
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

6c1ed45c772d54b3de34a4f84cf8f4568eaa607cf2c7fd77946ff91b12d54825

Threat Level: No (potentially) malicious behavior was detected

The file OneSwordGraund.html.html was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 18:13

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 18:13

Reported

2024-06-13 18:16

Platform

win7-20240221-en

Max time kernel

60s

Max time network

127s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\OneSwordGraund.html

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0449f72bdbdda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{AE10F301-29B0-11EF-B238-4AE872E97954} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000053dd498cc7c68843a323ae77a649378c000000000200000000001066000000010000200000000791b9c151e46c4ec21c7b28117ffe317d06d099faeecc6460a5f1515dd80019000000000e8000000002000020000000b5aa46857e072d5c5dc9fe16dd5adf8cf6fdf982157c3f614fd4e62773ca572f200000007d7f0b27a4c102e95b52333f43c3dc0afbccb6b0a2a94bbf537b5446aeea33c040000000a1a309972df668d3d66d7642d38b5ebfdbfd4e28b566cb1ce279cd7c2f34e95fdde92a3182fc5cbb6dba7835d2818bc916165afe18282ac0444f932783e20a9e C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 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 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2000 wrote to memory of 3024 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 452 wrote to memory of 2864 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 452 wrote to memory of 920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 452 wrote to memory of 960 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 452 wrote to memory of 2260 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\OneSwordGraund.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2

C:\Windows\explorer.exe

"C:\Windows\explorer.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6239758,0x7fef6239768,0x7fef6239778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=992 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2272 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2280 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1592 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1568 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3448 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3520 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3516 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2244 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2548 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2296 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2256 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3884 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2308 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3884 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1908 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2740 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4112 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4244 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4264 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1564 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=2568 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3392 --field-trial-handle=1472,i,12990321029487169183,9905196434599463250,131072 /prefetch:8

Network


Files


MD5 64c0fa8fa1c1379c226541bbbdc44737
SHA1 e47b711297678d8f877d182b3a3c9211e021cc2c
SHA256 2ed2e621b91bb090d23f0fcebb4634e8ba0246c5210ba12f16b918680624bc8b
SHA512 23562fc2c6a10e4c838300c3556925ef7f8e8c5d2e51f5edd6d552b87da7e72c11585934eae8a0bd1ff2787e872141b77588832984a8a5713f17eeb5078c00b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80056906947009026f069d72dc967b33
SHA1 574b820d94905d1850600b76a767f050ab0fe33f
SHA256 9d422ea5ddd6a67b4a2167c4ca1ea786f53952d252622d83012f32aa675461cd
SHA512 b8c6e3167e0daa41efc4a7c02a06a53e296a042e32f38ca379200f96d35bb8c1fe0830dcc9f6e540ef0bfde946c88afbceb9d1c2481797215f100d11efd74f80

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RFf77cd9b.TMP

MD5 3e19cf61a49dfdeac341043824fe1548
SHA1 d938394ea451e526568ce7b05e6a8b745c1d945a
SHA256 c7b47a949981ec04abff86b329204a87b724f39a565559164f7474bf6fe9a691
SHA512 9f18446980024e1d6540258b08b98f4e1959fc4ba22789d3c520e3e338becfec8115511ecf9b26c62ceef2979619e6fdd213cdbdce73f185e7c86f568fd3586d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b0f78d6c756d234eb36bfd4d8d2569d6
SHA1 4c66abdf9294a1a01f02ed769e17185db7f9fa18
SHA256 dd0a90eee9dd6204ae88176b1c2ef5ddb14b18714b410d0336d0aaa2d5f3e961
SHA512 e33d58bdd216d08e375ad454c8c457b1ff2686dfc5bc6ae84b540cfe6f2dbca8e63b76b96b9c22cb22183c9d06a578e9ef6d4195c6a4de9b40d36d956f407151

C:\Users\Admin\Downloads\OneSwordGraund.html

MD5 fb23723273f2846ac3eea64d5dca76fa
SHA1 992268b182b8563d5e596efadbb1b0dbe998ebee
SHA256 afa6a7270a8315942d277f886c2ce4d8e88a500838a4823cb5393eefdf78a2c5
SHA512 53ed7cbe034e12507a7a4406a7cbbb43cb899299fa8c5ad06c86f28d435fccf8beca7276bcc8909a7880fb3dbfc83251f5f1cd123abe8f017e99b2a43a63b512

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0a7621abeaf1f33d1b3bfa4e6a8d90d2
SHA1 980aa68403d4cc07265b0909ff6e6f4a7bbe187f
SHA256 8d7d2e43d544f151952428f3dbd4dca34ccca8052231f01360defbaab81bc4c9
SHA512 7f8b64578784229f2c6c7974813f03c4d12ad8a8e8bbb53ae186c4336a1a6274ad48f9292c0fedae05053cac099de084e1e45cf8c812b0f1cff76ee7af0a7bf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e9ce15721f90479403c1c94049792a8c
SHA1 34967d415bc2ebc46b310cacd99b4febfd086a94
SHA256 cdbde8bb186688bfc67f6e643fd34c084b735bc8872ac8154424b515921b6eb2
SHA512 c53d63804a4dbcfc398c16416f41f4ba5c33169fd620223e0a337761b4436959e0d8ac8b662a2f7522fc93fca49c2b08e555287a589838e79b55c57ce6a58670

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 18:13

Reported

2024-06-13 18:16

Platform

win10v2004-20240226-en

Max time kernel

144s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\OneSwordGraund.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\OneSwordGraund.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3964 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4956 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5736 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5544 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6004 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8

Network


Files

N/A