Malware Analysis Report

2025-08-05 16:29

Sample ID 240614-bd3axayenb
Target a77165a30e64d292708150aa34747995_JaffaCakes118
SHA256 4d1629e2e1bb197f9ddb83758d7d6a0b74dca2814d528657afd7a67c0875b9c0
Tags
score
1/10

Analysis Overview

score
1/10

SHA256

4d1629e2e1bb197f9ddb83758d7d6a0b74dca2814d528657afd7a67c0875b9c0

Threat Level: No (potentially) malicious behavior was detected

The file a77165a30e64d292708150aa34747995_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-14 01:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 01:02

Reported

2024-06-14 01:05

Platform

win7-20240611-en

Max time kernel

142s

Max time network

148s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a77165a30e64d292708150aa34747995_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424488837" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{CB17CC61-29E9-11EF-8156-CE03E2754020} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a77165a30e64d292708150aa34747995_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto

Files

C:\Users\Admin\AppData\Local\Temp\TarA29B.tmp


C:\Users\Admin\AppData\Local\Temp\CabA299.tmp


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 926a599039b16f22d393830ba14dd2a8
SHA1 453618e9d7e25638aaac6c323dccc6b98424be8b
SHA256 582f57b2e45433b2b66114c07a636a985cc1f45f66e5d1a60330a661edccdaab
SHA512 cf76326b5847e3ed077a65aa81afdfc41902dd8ccae5ba4e403551c7579115aa5f6b42b495caf069e918c67dac4379edbd66e1a02809e90de5de3f8cb9ad46bc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 d8f70c096c602cb7922b77b5aa3f3b88
SHA1 4a59a78481c7b667a4307c81df9bbf68fc5a27a6
SHA256 68ef5c9cc131c63b1143884362ab065aac6fafa041488dafaee40ef6deb8e9df
SHA512 07ca71029ff4dd1620b37bb9bb738971db0c8e5604fc7c4524cb312a49c30776fb084bb72d380b742799d57834cc88f126d022f9ac75fd1b8d37b63689f62315

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a9e47fda703caf61f6f513ac2fae78f3
SHA1 55a8cb2306106de618333440daed0073b5a848b6
SHA256 dc8bd8bb58a32ce52c2c26f704d26d22ee4b30bcdf53bcef11d26f254694fa82
SHA512 4b59f8b46feb53d0b103863cd881e38ec611a4245ddba2cf5ba92e98ca4d74fb253440ca1e147ae20e95f58e9aaedc1322c067354c8c1560202f65ded4444f77

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 25dd5649ead1134fb0e5e355e61e0a24
SHA1 69b137027385016d363943ccb325f26787e46791
SHA256 c3b9eec7f52b8aa995799b6a3d467232ebc3d37772e9c6407442a0b543b0d83c
SHA512 0f6f88490300ba96462985e0a4157a812bb2c5e0424bb8a0e78308c5590495da95ce33e8277b1690b1e2f296369dd652cf83a8d831b9c320d3068277b01e03e6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 107b8b94e0697d0526d9f2b2688e948b
SHA1 254f0926f50306f5b60db3ce22318d8ace7c2736
SHA256 37cc7fe73a4e665bb252a4b73f9b40f3b8e96cd88424c1cbe748ce2c3edc2718
SHA512 762b41c8b797af9b032db6809191591eef0f48aa686c0ccb58b576a75842c27160e1e738b383b6b5bcd14d32686ef4f7e3450b6ae87fb38628a64ad9dc3c3fb6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 315113fb45ffa3c6ca347c2dfcc1670d
SHA1 bbde4ab053716973841c2f123a7bd695038b3577
SHA256 10deeeafba3c3fd006d4243a67ba6cd5489a622fcfa2d1a451f56bb2d097128c
SHA512 fc8ee5985f772be37ccd3bca62bad9fa2d2de610208a1e2e7f5a2e11434993512a71761d1c2ffc99ecf08c6a32abbf806d0b1d6b5cf2e64d5a66e6c36a174353

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\84AFE219AEC53B0C9251F5E19EF019BD_2C9D5E6D83DF507CBE6C15521D5D3562

MD5 d2827f443deeb1dd2b0cb0a9f61cfcbf
SHA1 516216e2e47499698687b24efdf2fd091f9f3cd7
SHA256 5e351cd8d219a72058eab79e500435ede946a98813ad05e04ecad138cf018aaf
SHA512 696586cc3880ee4af9a8e0d288adcdb21728e8ef47679d6206f6d8a1b9c1ed1ffaefaead23c7b4d5a51f5d50212155bb4e73710a80038af279c10e4ea24c6d2c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\featuredcontentglider[1].htm

MD5 3ea1c8d079b38532a6e01a96216ba5e2
SHA1 598d3ff91d3e252f1e13df8cf0348b270ff2da3f
SHA256 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
SHA512 cb4f800a735d5ec435844ac114a81ee6c4a429138119b97f2266edb87cf729f1a64662190d04917ce955b0bd3681610d49be42cd6782989ecd4b0d87ddf8a03a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cb6cea46c85279c749d42013bf0fc169
SHA1 f8826b0ee7947a0a6e00d2bc6c627b1afe014053
SHA256 8d48f92ec684f056adade55d713f86f3374ea15cee79c8ae0fb3db2038f80d53
SHA512 b5053c19ac0a438e35b98bc29a22e96497bb3750dbb42f7f0ecf2e111de4ac2464d92b4e0ca5da7cf489aabc0f97800de0439cbdf764fa8c5ac3c47bb01c4d63

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 54d1899177999543e9bfb44030a1a99a
SHA1 ebf42d56632bfce819606d6cbbecea77dc728463
SHA256 9e12b2a7fda0f6784dfee5de24d354ab57575e2a808a3a2462635586b860fe89
SHA512 c8c0368127951c8cbe2bac56123be8da6e071e4396c63a67906cd005b9efef7c9711ea1903d789bf5ddc98e52efab68882bbf6b86a0d16a52f2525753c145d8d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0c15094649bf5575bbafca88baeb7cc0
SHA1 cdef6074cf6f877b3ae036ff210c857638973a79
SHA256 a3e35de9596181ff57303676950ea97ea3c70bb1721228089b4811008db8715c
SHA512 914d3563c11f06fa3cfca765359d0c9ee68c3ea78f4e9bd233c5a1c42d96367cbc682a7a0561111feec2c8ee50875526255edb28aea37c969c6c2c591abd2662

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1fc205dcdc7a185a6309a46010ebfbba
SHA1 e84e1e74ccf30f2001b3a66336d55b2b51a1f175
SHA256 7ed98fcde2fc4603abc4a4392a2efb1e3d0e22034dde34992aa3545c7f54cb1c
SHA512 6e10b28ae4a16a5b228b65cc81c47713fa8f0757ae1940500a7e6de2a5853fffe67a8ebbc013d7bed793ff238c427a68239322c4d0bc978a7bbff97e74da94b9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 107b72b5135e36ca030990d64430bbe8
SHA1 fc6bed973b3cc1e54cab82fec93ebb462d420dd5
SHA256 598c1fbd6da23c5134b9e598ce20e0d33dedb861b099bea9b985e2fff76378fd
SHA512 b2781c4d31bfb71cc4816cc2a7e74a516846722a1f998971c5d15f62cd34ef259a661b734403da80662bff878b0208f8e32585667cb47e001ab4b573be4b8201

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 278ec21053da1d5b3ce6dc064bd86838
SHA1 e0b733169b1c910ea0677a88ac42317cdab09e36
SHA256 c6f88bd71ca3acfed90304a3780c04cadad64d36a1135875928f3888f451c492
SHA512 d2fce879629de9fe45a286d5cedff9baf4673350728d0b8cd579320dea4c586b21c7f5383cf1760cabfe36e05a2c550d1356c9aed9e4f7a298ca8c6765b217e3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4594302e5abdf847fc7d92c0a796a518
SHA1 a0396c55a659ac7c0e04a33555e361ad27ca6b5c
SHA256 15492af44a96101074f657ccc0694dd7ec7f093e37b22ba8e4c95226f8229c47
SHA512 325b8bd40bcd592ff719a75837f22e3edd41358c80980d1c3ae1c46b3e0102927177c10921a0e4af2fc0b68992fab5bd97df96da6fb5a069c733ec73055ac9c7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a36d7a5337fc1490105f25a75322a068
SHA1 ab321103968e6c5979e8a2817334e44dec3e72f7
SHA256 ab88e3a435c7d6bd062ae279344ec31392b5f763b2537447d952af9b3606a70d
SHA512 925689b8be45c23733cdd545c40f57c852e668dafb7c8b69f1313cab46378aa3df42384145744e856b67611e6e091386630387d4a1ee7937ed5b7d1d3884d620

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWTP8BNA\platform_gapi.iframes.style.common[1].js

MD5 682c26af19b240f98d2cb951721fa54d
SHA1 18e58b652c7f82a55ab4b1910693686049e25d62
SHA256 96428f0f585a874c185d560538ad83ebfad0365d760fcf9fcefe80add9e3c980
SHA512 078aeef086271b7f9cf0f6e3a1e7908d7e38465a1a7a4de6f2a785147e9130551a2995e80600824da9341d58e5425d4505518e90eea9ffe1c64f4f41825a9660

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\cb=gapi[1].js

MD5 f9255a0dec7524a9a3e867a9f878a68b
SHA1 813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b
SHA256 d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d
SHA512 d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ca7547104242e3ca5f395a82e31f891e
SHA1 f0de8f360ac554e62e9229fe18157fffd9762d8a
SHA256 d9a98a85c14dc9234bc9bfe19a8c593da90264a06e95b6ab7646bb29b0d812c0
SHA512 97d522a2a3ff232c5e1f00e18cc1c77a5a8df25fce063c6e8da6d7b4daf927b455b1eda395df675d4036b0a4b957d1840439d49f90f8cdda425250709d70965d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b6901ad02e57df6a3915feface3bb9e4
SHA1 2620f0772e8b5c2a7cb290c29836077528ab860e
SHA256 e06ad7ff829c95dfe25acb80cc35dca13f7a4c2968b97d22ddd67a28f6d65d48
SHA512 ac174173b324895ea5e9382b9755584e7ef1d7a94603f04a3a8c223a98ba6cef6fef5fb178e64bbd2d1c73a49ef5d7d9738320dfde309df8e37294248318df07

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 aff0001d9e45d3d8238b17e19830a2c0
SHA1 5c1bba06eb92dbdbf4cb4ee53494925f50fb5385
SHA256 d6a8353688e26746133bf837f85508cbde2a2ed29a2249ea57ca08ce861994f1
SHA512 4eacc0b93fd7cf3d503dcf12fe52d0032dfde98636251960bc628ae1b7ccc37066c883a7797a52197b672b76b3a2560c77df73225e2ecee3e7044d7a7796bd92

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6624748c6a3fc26cf91d334d00cba1d0
SHA1 aae4819fbb3385cd43fe15ff87b9e4ce950e3c24
SHA256 73788b70b17524ddd5e38a2258432fb71483f7258cc6b373b9bd8acfa7c6f8ec
SHA512 3544046a92c3dcfe2175481ba79b458caaac2a0a5bff6938521707d986847d52717bd2732bc6247d5921340e2c9677f647f489af4df73c80be1cf9273b6865a4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1

MD5 c5dfb849ca051355ee2dba1ac33eb028
SHA1 d69b561148f01c77c54578c10926df5b856976ad
SHA256 cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
SHA512 88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 48579281bae5c9eb5bfdc76a113838b2
SHA1 b5f30de14b66ff74c05738968c638491580e4417
SHA256 62da2dfcfe051d3e65e2a2503ebd743e550bd66bd3852bea255656de5dc5ed23
SHA512 89d4fa5b3980dbe17aa3f10654009668429f85a42b035fce6f0d500f7af82645bdb5f7d309ccdb24c3a0523204ef56d3dc8ac8e25e90e87d0e643d78414180b7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4714d6924351077c5fa429b442ed1023
SHA1 c772e71ab950baa42b20b8936894e5f7039da9ba
SHA256 915cd4258c67779d41c8f8b4a9b1a7b33c8f0d62c50d32f80f5d9c453c9c4efb
SHA512 f645db035aab35c0f4c4553acc9f52d5e6b655a6a8150348ea98e296d265952aa7f39abbaf7a4a0ec018f667ad4ca1215210a9e157b6053bafefcdd2701425ef

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 035daa667567e6259f185b6ec079d43e
SHA1 2cfa4cd5fd405f51b8297919a41a1e8f232204d1
SHA256 2c71c61a33761e59a2140d4de4971b2c3e6fd5ae767ab7cba17748289bfbfd71
SHA512 181260ed6ccb6735253ca22dce40ef2dbe7acc0798a733b69912b1b362b6ea63ce02a30af0d6817d1cc65fa31854db9b301f13542889671776ee4623c699c430

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 360ba198c635c8f68812d336c8f782b5
SHA1 39c4fd4ae6da29d14e8d662b3645650b77169196
SHA256 1702ef97d6e661fe5574c49c3cceadc762e62bc9bc3c9a9f35e7bd3d4be5fe24
SHA512 da1f94cd98b51318a155d413da85e116e9441320aa9874e96099cab5c730b32a0342f862c6214eb710f2a6a0eb82a57d0336f3bece0cdbe39befe8b2cfe751b6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f753d2a561052d95dafc1957a20cf0ac
SHA1 aa1da3ca70db9b8def73283c997a8044438097ab
SHA256 1abea81e22b3f9a1017c45b120891bc414cf7dcde97d97755bd9240a1ccb953d
SHA512 983adf0a3f49e21885d56706e379caa817affb7fc096c3344f6c0236f82ff691c3ddbcc3b408c83c1ea037ea84835b13cc51c389d765871f6decd6b979e7091e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d025cae32899db3831a63efb2a75bb4e
SHA1 73e68d6343aa680d4473228c4bc8ce80d35fedf2
SHA256 abb029f71a62ef69cf9ed88162b0cc1a2836f0477f61fc35de29dd21a4537d9f
SHA512 92f59e04a6d1cacfe2910fdc328c3d2bb6e95b1197f0058ac1e4e6412a768f7fdc5aa3baf8a44aced52b3e133de6a90e8be19ebd0d1b68eccb4bc3b8cb25a1b0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1

MD5 8ae43f0379ee712290aacb7a34e10492
SHA1 37cd952bbd61035dfcb8adaa943f97ccc98b96b1
SHA256 c2f01db852a4a55dad080177712abe7ef1da4313598277ba924f1639875df821
SHA512 0abcfe4ccde1562159f62ae3e9bebc2272c5ec8d53deb8be30e02f28f2802ace2a9f7fc6d1c7e6c18aa411fd9401a61ef58204f5ab54d8216d600aad66e60426

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 80872506a7f717d79b80fa99c225bbcc
SHA1 b28fa864e921cf3ea4b8c5fcc37f7f19cc048177
SHA256 d5b97921ef3f96a933832bb39a854d0dd1e2bda7279a993b2b374e340f139efa
SHA512 690af27f70bbc3a2f235f9095f4cb0e2272e1e039738037297a294b671f51e4352ff528378e2d7e27b2bee51dbd479accf944c109422cbb1f42b77e6b7f71bb4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7e775f50c60c6b3e3c72202ffa0ae367
SHA1 971db5cb0b91c733367699276a7e855386ddf88a
SHA256 6d4301b4515e7cc5ac9d97eb2f9d64e2b0b9e5854ce8ddbc7952ffc82e7cd2a6
SHA512 eea63fa37506633ef5f256c69264df32035074f774044529a574e774c44b22660269af190e40bea748396de109cddbd0a2c532f061f8e647fa1e6dd432a72a1e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 29185d069b071b67eb6f2cf5b54ac982
SHA1 4b6fabbf795ff899f86c78b7080abb02b7233228
SHA256 49cfac96847429f57bffc28cb70af115a0c39db193862d6461e16c3e7d8bfb06
SHA512 cab3fdd98472bd129fd24fba3ca3b759b2537dfe1685f853fc539447ac914a6e03ae4862b4008efae7ccb3f8f51ba8fc73acd7044c9d970ed308a7963d052322

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 56549cc68056a7ee286a3f9f5349e552
SHA1 1525ea553cc99b65998d30653b825482d1426480
SHA256 cca0c867ebdd3cd212923ff927331e310f2bbf31391eff5abef690b14dc50693
SHA512 82305a88a55955e443ddc9a0691d849c66b2f8d4f1151f4524b9d54cd110194d5de59f62f878429b199d1c5bd7d908073f1e8a77884f224ec0d66a9216fcd556

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ac67c11e63586856fe5ed2cb9261688e
SHA1 dc17f9f7fd1750a38d866c0b2536fa39b560c5ba
SHA256 d233adfc10fb66f382088358b274390452f0dfa8c1b83e9f580ab948847639fe
SHA512 c3ea14dfc6c0a0a5dacd63e7c300269d64ec2d5fb5b56fe15dd5fc0239775e87d9bb869ff891f93d9811a001ccd31f971e569d0d660b7c8dca2f397e3362f935

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4f71569b938f5f03ad49ba52e77d7a8e
SHA1 4090dff376653dd9029fdbce10f9fda7361c6f68
SHA256 bafed1c7b728894533d3c1d5ef49eeab05b4b3d54bc1c17ac9fb85cb492eb828
SHA512 2be26349b7e8d8389525075059b35dd5fd6f1dd56c570ecdb9f3899d604720a3bdd15da54034dd7ab9a1c22172cf80677931a7669b3236937d2423d4e27b3486

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6b5cd2cda641ded9fadd4325fbda66bc
SHA1 6e1322b846a0201615433cadcc2daa928c6eb30f
SHA256 b6898f2bd97d4774c612d1f7458c5b0901c225db4df6e34093bff48f3a7f0597
SHA512 f3449c435c72402567a1f958dbaf51ce75058a40b837087a2644a8c02ece3812166e1bee15dfc33326f6398df55504b8724fa57b076e5048b0ba6752074f5f99

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fb2bb07f24b1c0b39c3005043fa042e8
SHA1 eee05780f820473c5124f3bc200f3a68b7f85103
SHA256 c86b70d49aff52a78fc35c117a8673a2e66d768b0899ca75dfe962c6a5513f56
SHA512 c3d0b1c3ac68fd39cfb2115975d61b81b88937b10019f60fe98e42d4a7789881e6a54ca879cb2a7a00e9ffce0b1645bab0837ef3fffb1c63f672e819cd0b2b7d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1a5a709052d22af41c1513b37068027e
SHA1 4c76996355f2f4f4ede28714a3d02fb17eeea4b4
SHA256 730e80c5ff1d35d4342e3aefcdc99abcd36756a7147ad6fe01da4f8cf715a7f9
SHA512 6b122a59f8ed4ebfdb37fbdcd814a463b8eac05d235a3372dd3b91e7d872618c643d187f6ffd7a14ac2402a84beaf3ae559eee22757c1f290ab5111674996705

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2bb2c5c4c3e9ba6bf6e6070bd025b79f
SHA1 d1cb63a60ae9107eb461e6414511f4a8dcaa781a
SHA256 7c570ec24553bbef875126f698a55f3a24376eb3c5513ca72045668c3415d3ba
SHA512 3b4a23fe7e1a14241156617b0392a1837d0caceaa6bfa65fd94fc0de02b1dc0125b93ae4c664479195cd6a3ec17916554199eb4497842e4601659bcde280b878

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2eacec30cef719bbf4d392ed4ed5c323
SHA1 c14078bf0b2d6157cf61071fe95d8beeeee8ab1f
SHA256 ad00e16163b6e92765014a53b32846420a9f3d2d0623472cbe584795b2e27600
SHA512 6602700063d3438ec6751d2318c2174e01a1d49f929ee53e28d263caf9726afe98ad0d8fc02332db7fe9848447636c227f50ec3a398e7b02fa3f62f8a5c99139

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d2e636e1f1c75068e525bc9d30902ab5
SHA1 5858de0ae058ba4c75c260e0467aa4abc41b0613
SHA256 d45118035a73c8a74a84a3519946ac952ea0d00ca63eb004ab859b382d21cd93
SHA512 34ec847569f601dfa8ef203b76e67d45e65704cbf07da33dcf0470f118e6e6d7b07dea72e952a40ccbbd09a9eb4f0f5d744c81ff3a5ec31b53fa0af34fea004d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4670a97ce01e6559504513952d5e791f
SHA1 29497daf88e749099d35f5bbb1dfa87e76bd7482
SHA256 5fa7d884610278a161be5f5f72aca39f6b625279abde24f98a80c63d1748dc4e
SHA512 37ce105fcbc1f7ac0b5da87d98012eb2d688b0e4291c806889f6769c8ccb9a59f57825dc50da7174f27d1d1df5ef8f1976f22d4c26ab2074819b0c475e97fea2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0c32964ee7fd47b4d71da1ebd3224b9a
SHA1 72d95afd1ee2fba7b25131fb74567bd863e56ce6
SHA256 147536394899b4e575a3a09d98d16ae0636837fbba465d604823e5949d1af5f0
SHA512 a34e5069f24261fe8e5a0eaaead11b361044789619c0049ac540e5b5814a2095067aa75152ec925fb6c530d555f34d15cf9a8dce26d4d41f93691c21d12f0216

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 23a6d9a29d0ae683ed4a90a19db4b992
SHA1 deaa302674b30adaee9497c17f37f168cd40d92e
SHA256 f7f2ddd2e9247522c491c7a980b16bddade85733ad098c7f8c1ff88c27c75723
SHA512 bd067422a64457ee5f6887f1c9371c3a38cd80d298d08cd05939acfc4d7079935864e75af50d4acf4ac9d68140edcea2f3eb28b21375ef1e654b6455f0d18ea3

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 01:02

Reported

2024-06-14 01:05

Platform

win10v2004-20240226-en

Max time kernel

142s

Max time network

155s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a77165a30e64d292708150aa34747995_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a77165a30e64d292708150aa34747995_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4924 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5792 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4072 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5464 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=4560 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=6036 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6316 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=3960 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4600 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6064 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:1

Network

GB 142.250.178.9:443 www.blogger.com tcp
GB 142.250.178.9:443 www.blogger.com tcp
US 8.8.8.8:53 194.56.107.185.in-addr.arpa udp
US 8.8.8.8:53 powertrafego.co.cc udp
US 8.8.8.8:53 powertrafego.co.cc udp
US 8.8.8.8:53 powertrafego.co.cc udp
US 8.8.8.8:53 uploaddeimagens.com.br udp
US 8.8.8.8:53 uploaddeimagens.com.br udp
US 8.8.8.8:53 whosread.com udp
US 8.8.8.8:53 whos.amung.us udp
US 8.8.8.8:53 whos.amung.us udp
US 8.8.8.8:53 pr.prchecker.info udp
US 8.8.8.8:53 pr.prchecker.info udp
US 8.8.8.8:53 www.contaspremiadas.com.br udp
US 8.8.8.8:53 www.contaspremiadas.com.br udp
US 8.8.8.8:53 www.wieistmeineip.de udp
US 8.8.8.8:53 www.wieistmeineip.de udp
US 8.8.8.8:53 centralblogs.com.br udp
US 8.8.8.8:53 centralblogs.com.br udp
US 8.8.8.8:53 settings.messenger.live.com udp
US 104.21.45.138:443 uploaddeimagens.com.br udp
KR 175.126.123.219:443 powertrafego.co.cc tcp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 www.blogger.com udp
DE 18.193.135.209:443 www.wieistmeineip.de tcp
US 8.8.8.8:53 www.blogger.com udp
KR 175.126.123.219:443 powertrafego.co.cc tcp
DE 18.193.135.209:443 www.wieistmeineip.de tcp
US 8.8.8.8:53 138.45.21.104.in-addr.arpa udp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
GB 142.250.178.9:443 www.blogger.com udp
US 8.8.8.8:53 whosread.com udp
US 8.8.8.8:53 whos.amung.us udp
US 8.8.8.8:53 www.contaspremiadas.com.br udp
US 8.8.8.8:53 pr.prchecker.info udp
US 67.227.215.171:443 pr.prchecker.info tcp
US 8.8.8.8:53 centralblogs.com.br udp
US 8.8.8.8:53 settings.messenger.live.com udp
US 172.67.210.16:443 www.contaspremiadas.com.br tcp
US 172.67.210.16:443 www.contaspremiadas.com.br tcp
US 192.0.78.169:443 centralblogs.com.br tcp
US 192.0.78.169:443 centralblogs.com.br tcp
US 172.67.8.141:443 whos.amung.us tcp
US 104.21.73.83:443 whosread.com tcp
US 172.67.8.141:443 whos.amung.us tcp
US 104.21.73.83:443 whosread.com tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 8.8.8.8:53 widgets.amung.us udp
US 8.8.8.8:53 widgets.amung.us udp
US 13.107.246.64:443 edgestatic.azureedge.net tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 widgets.amung.us udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 83.73.21.104.in-addr.arpa udp
US 8.8.8.8:53 16.210.67.172.in-addr.arpa udp
US 8.8.8.8:53 141.8.67.172.in-addr.arpa udp
US 104.22.75.171:443 widgets.amung.us udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 171.75.22.104.in-addr.arpa udp
US 172.67.70.165:443 www.e-referrer.com tcp
US 8.8.8.8:53 165.70.67.172.in-addr.arpa udp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 172.67.8.141:443 tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 52.26.18.68:443 tcp
US 52.26.18.68:443 tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 powertrafego.co.cc udp
US 8.8.8.8:53 68.18.26.52.in-addr.arpa udp
FR 18.164.52.20:443 tcp
US 3.165.136.61:443 tcp
US 104.21.27.152:443 tcp
US 8.8.8.8:53 s10.histats.com udp
US 8.8.8.8:53 s10.histats.com udp
US 52.26.18.68:443 tcp
US 104.20.19.71:80 s10.histats.com tcp
FR 18.164.52.20:443 tcp
US 104.21.27.152:443 tcp
US 104.20.19.71:80 s10.histats.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 52.26.18.68:443 tcp
GB 142.250.200.42:443 ajax.googleapis.com tcp
US 3.165.136.61:443 tcp
US 8.8.8.8:53 pcp-img2.cc.cc udp
US 8.8.8.8:53 pcp-img2.cc.cc udp
US 3.164.163.110:443 pcp-img2.cc.cc tcp
US 151.101.1.229:443 tcp
US 104.21.42.204:443 www.contaspremiadas.com.br tcp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
NL 23.62.61.194:443 www.bing.com tcp
US 192.0.78.169:443 centralblogs.com.br udp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 204.42.21.104.in-addr.arpa udp
US 3.164.163.110:443 pcp-img2.cc.cc tcp
N/A 224.0.0.251:5353 udp
DE 18.197.237.253:443 www.wieistmeineip.de tcp
US 8.8.8.8:53 rf.revolvermaps.com udp
US 8.8.8.8:53 rf.revolvermaps.com udp
US 8.8.8.8:53 rf.revolvermaps.com udp
US 8.8.8.8:53 jf.revolvermaps.com udp
US 8.8.8.8:53 jf.revolvermaps.com udp
US 8.8.8.8:53 img80.imageshack.us udp
US 8.8.8.8:53 img80.imageshack.us udp
US 38.99.77.16:80 img69.imageshack.us tcp
US 8.8.8.8:53 rf.revolvermaps.com udp
DE 185.44.104.99:80 rf.revolvermaps.com tcp
US 8.8.8.8:53 jf.revolvermaps.com udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 38.99.77.16:80 img69.imageshack.us tcp
US 8.8.8.8:53 2.36.159.162.in-addr.arpa udp
DE 185.44.104.99:80 jf.revolvermaps.com tcp
DE 185.44.104.99:80 jf.revolvermaps.com tcp
DE 185.44.104.99:80 jf.revolvermaps.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 52.26.18.68:443 tcp
US 52.26.18.68:443 tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 151.101.1.229:443 tcp
US 151.101.1.229:443 tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 8.8.8.8:53 udp
US 104.21.27.152:443 tcp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 img297.imageshack.us udp
US 8.8.8.8:53 img297.imageshack.us udp
US 38.99.77.17:80 img297.imageshack.us tcp
US 8.8.8.8:53 pedroreidodownload.blogspot.com udp
US 8.8.8.8:53 pedroreidodownload.blogspot.com udp
GB 142.250.200.1:80 pedroreidodownload.blogspot.com tcp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 rf.revolvermaps.com udp
DE 185.44.104.99:80 rf.revolvermaps.com tcp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
DE 185.44.104.99:80 rf.revolvermaps.com tcp
US 8.8.8.8:53 10.179.89.13.in-addr.arpa udp

Files

N/A