Malware Analysis Report

2025-08-05 16:29

Sample ID 240614-bd377ssemj
Target a771a25f6f79009b51a94f671afa7d8d_JaffaCakes118
SHA256 f5748e2ceef6235c3d457d955f5b244ea2dc8dc8772b26355687c7f9e8ab3b9d
Tags
score
1/10

Analysis Overview

score
1/10

SHA256

f5748e2ceef6235c3d457d955f5b244ea2dc8dc8772b26355687c7f9e8ab3b9d

Threat Level: No (potentially) malicious behavior was detected

The file a771a25f6f79009b51a94f671afa7d8d_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-14 01:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 01:02

Reported

2024-06-14 01:05

Platform

win7-20240611-en

Max time kernel

138s

Max time network

137s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a771a25f6f79009b51a94f671afa7d8d_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a771a25f6f79009b51a94f671afa7d8d_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2

Network


Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 01:02

Reported

2024-06-14 01:05

Platform

win10v2004-20240226-en

Max time kernel

145s

Max time network

154s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a771a25f6f79009b51a94f671afa7d8d_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a771a25f6f79009b51a94f671afa7d8d_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4840 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5356 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4948 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=2808 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5496 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=6080 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4116 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=6048 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8

Network


Files

N/A