Analysis Overview
SHA256
39e7d258a6f1dc38e7a3715788be486cb78c774a3db59c41e3e7a1d2048c8db9
Threat Level: Known bad
The file 2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe was found to be: Known bad.
Malicious Activity Summary
Detected microsoft outlook phishing page
Executes dropped EXE
UPX packed file
Adds Run key to start application
Drops file in Windows directory
Unsigned PE
Suspicious use of WriteProcessMemory
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-18 08:38
Signatures
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-18 08:38
Reported
2024-06-18 08:41
Platform
win7-20240611-en
Max time kernel
150s
Max time network
148s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\services.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\JavaVM = "C:\\Windows\\java.exe" | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Services = "C:\\Windows\\services.exe" | C:\Windows\services.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\services.exe | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
| File opened for modification | C:\Windows\java.exe | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
| File created | C:\Windows\java.exe | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2644 wrote to memory of 2472 | N/A | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | C:\Windows\services.exe |
| PID 2644 wrote to memory of 2472 | N/A | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | C:\Windows\services.exe |
| PID 2644 wrote to memory of 2472 | N/A | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | C:\Windows\services.exe |
| PID 2644 wrote to memory of 2472 | N/A | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | C:\Windows\services.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe"
C:\Windows\services.exe
"C:\Windows\services.exe"
Network
| Country | Destination | Domain | Proto |
| N/A | 10.126.94.178:1034 | tcp | |
| N/A | 192.168.2.157:1034 | tcp | |
| N/A | 10.227.85.66:1034 | tcp | |
| N/A | 172.16.1.5:1034 | tcp | |
| N/A | 10.179.108.182:1034 | tcp | |
| N/A | 10.241.35.61:1034 | tcp | |
| US | 8.8.8.8:53 | alumni.caltech.edu | udp |
| US | 8.8.8.8:53 | alumni-caltech-edu.mail.protection.outlook.com | udp |
| US | 8.8.8.8:53 | gzip.org | udp |
| US | 52.101.194.13:25 | alumni-caltech-edu.mail.protection.outlook.com | tcp |
| US | 8.8.8.8:53 | gzip.org | udp |
| US | 85.187.148.2:25 | gzip.org | tcp |
| N/A | 192.168.2.111:1034 | tcp | |
| US | 8.8.8.8:53 | alumni.caltech.edu | udp |
| US | 99.83.190.102:25 | alumni.caltech.edu | tcp |
| US | 85.187.148.2:25 | gzip.org | tcp |
| N/A | 192.168.2.12:1034 | tcp |
Files
C:\Windows\services.exe
| MD5 | b0fe74719b1b647e2056641931907f4a |
| SHA1 | e858c206d2d1542a79936cb00d85da853bfc95e2 |
| SHA256 | bf316f51d0c345d61eaee3940791b64e81f676e3bca42bad61073227bee6653c |
| SHA512 | 9c82e88264696d0dadef9c0442ad8d1183e48f0fb355a4fc9bf4fa5db4e27745039f98b1fd1febff620a5ded6dd493227f00d7d2e74b19757685aa8655f921c2 |
memory/2472-11-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-10-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-9-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-8-0x0000000000500000-0x0000000000510200-memory.dmp
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/2472-18-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-23-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-24-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-25-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-30-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-32-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-37-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-42-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-44-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-49-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-54-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-55-0x0000000000500000-0x0000000000510200-memory.dmp
memory/2472-56-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2472-61-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | 5ec00036cc827057cf9fdb011627c514 |
| SHA1 | 6cb12d259d0a885029d1ae7f54569eaac777f389 |
| SHA256 | 05c554789990d93be0c48fb9d4a787711d76a0ff4745590be17a2b78578b5b11 |
| SHA512 | d090138b6d6dc3a11bef3de830aa548e4f1c050426b170f3150d7f5b29967156f1262fd593fcb8373ca08e2ed99ea13d6f8e93ab13dd80e0d75aea09cde6a578 |
C:\Users\Admin\AppData\Local\Temp\tmpCCE3.tmp
| MD5 | 5eaccb71601b4bf5a6128c1bbb880267 |
| SHA1 | 700792cdc2a8a09a4ab5141d8f7693ebce851504 |
| SHA256 | 7d0d98e4b02da5c5b11699434fe072918c78a1836187336964aba720af0d0f7f |
| SHA512 | 2beca064c60c4aa4642995db020d7dd8de6a656fbeb6466c2f8f0560ae553be85b8b3f21cc1e1f5b2b11aea7de100f0645001db17ccf2db50528ee5f626353d3 |
memory/2644-87-0x0000000000500000-0x0000000000510200-memory.dmp
memory/2472-88-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-89-0x0000000000500000-0x0000000000510200-memory.dmp
memory/2472-90-0x0000000000400000-0x0000000000408000-memory.dmp
memory/2644-94-0x0000000000500000-0x0000000000510200-memory.dmp
memory/2472-95-0x0000000000400000-0x0000000000408000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-18 08:38
Reported
2024-06-18 08:41
Platform
win10v2004-20240611-en
Max time kernel
150s
Max time network
151s
Command Line
Signatures
Detected microsoft outlook phishing page
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\services.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\JavaVM = "C:\\Windows\\java.exe" | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Services = "C:\\Windows\\services.exe" | C:\Windows\services.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\services.exe | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
| File opened for modification | C:\Windows\java.exe | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
| File created | C:\Windows\java.exe | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 4912 wrote to memory of 4628 | N/A | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | C:\Windows\services.exe |
| PID 4912 wrote to memory of 4628 | N/A | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | C:\Windows\services.exe |
| PID 4912 wrote to memory of 4628 | N/A | C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe | C:\Windows\services.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2e44355a41c2cf29f749f39907916170_NeikiAnalytics.exe"
C:\Windows\services.exe
"C:\Windows\services.exe"
Network
| Country | Destination | Domain | Proto |
| N/A | 10.126.94.178:1034 | tcp | |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| BE | 88.221.83.251:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.56.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| N/A | 192.168.2.157:1034 | tcp | |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.139.73.23.in-addr.arpa | udp |
| N/A | 10.227.85.66:1034 | tcp | |
| US | 8.8.8.8:53 | m-ou.se | udp |
| US | 8.8.8.8:53 | aspmx4.googlemail.com | udp |
| US | 8.8.8.8:53 | acm.org | udp |
| SG | 74.125.200.27:25 | aspmx4.googlemail.com | tcp |
| US | 8.8.8.8:53 | mail.mailroute.net | udp |
| US | 199.89.3.120:25 | mail.mailroute.net | tcp |
| US | 8.8.8.8:53 | cs.stanford.edu | udp |
| US | 8.8.8.8:53 | smtp1.cs.stanford.edu | udp |
| US | 171.64.64.25:25 | smtp1.cs.stanford.edu | tcp |
| US | 8.8.8.8:53 | burtleburtle.net | udp |
| US | 8.8.8.8:53 | mx.burtleburtle.net | udp |
| US | 65.254.254.50:25 | mx.burtleburtle.net | tcp |
| US | 171.64.64.25:25 | smtp1.cs.stanford.edu | tcp |
| US | 8.8.8.8:53 | alumni.caltech.edu | udp |
| US | 8.8.8.8:53 | alumni-caltech-edu.mail.protection.outlook.com | udp |
| US | 8.8.8.8:53 | gzip.org | udp |
| US | 52.101.42.18:25 | alumni-caltech-edu.mail.protection.outlook.com | tcp |
| US | 8.8.8.8:53 | gzip.org | udp |
| US | 85.187.148.2:25 | gzip.org | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | search.yahoo.com | udp |
| IE | 212.82.100.137:80 | search.yahoo.com | tcp |
| US | 8.8.8.8:53 | search.lycos.com | udp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:443 | search.yahoo.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | 137.100.82.212.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.altavista.com | udp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| BE | 2.17.107.153:80 | r11.o.lencr.org | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | 10.254.202.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.107.17.2.in-addr.arpa | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 171.64.64.25:25 | smtp1.cs.stanford.edu | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | 34.56.20.217.in-addr.arpa | udp |
| N/A | 172.16.1.5:1034 | tcp | |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | alt1.aspmx.l.google.com | udp |
| NL | 142.251.9.27:25 | alt1.aspmx.l.google.com | tcp |
| US | 8.8.8.8:53 | acm.org | udp |
| US | 104.17.79.30:25 | acm.org | tcp |
| US | 8.8.8.8:53 | cs.stanford.edu | udp |
| US | 171.64.64.64:25 | cs.stanford.edu | tcp |
| US | 171.64.64.64:25 | cs.stanford.edu | tcp |
| US | 8.8.8.8:53 | burtleburtle.net | udp |
| US | 65.254.227.224:25 | burtleburtle.net | tcp |
| US | 8.8.8.8:53 | alumni.caltech.edu | udp |
| US | 85.187.148.2:25 | gzip.org | tcp |
| US | 75.2.70.75:25 | alumni.caltech.edu | tcp |
| US | 171.64.64.64:25 | cs.stanford.edu | tcp |
| N/A | 10.179.108.182:1034 | tcp | |
| US | 8.8.8.8:53 | aspmx5.googlemail.com | udp |
| TW | 142.250.157.27:25 | aspmx5.googlemail.com | tcp |
| US | 8.8.8.8:53 | mx.acm.org | udp |
| US | 8.8.8.8:53 | mail.acm.org | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | smtp2.cs.stanford.edu | udp |
| US | 8.8.8.8:53 | smtp.acm.org | udp |
| US | 171.64.64.26:25 | smtp2.cs.stanford.edu | tcp |
| US | 171.64.64.26:25 | smtp2.cs.stanford.edu | tcp |
| US | 8.8.8.8:53 | outlook.com | udp |
| US | 8.8.8.8:53 | outlook-com.olc.protection.outlook.com | udp |
| US | 52.101.11.6:25 | outlook-com.olc.protection.outlook.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | mx.gzip.org | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | mail.gzip.org | udp |
| US | 8.8.8.8:53 | mx.alumni.caltech.edu | udp |
| US | 8.8.8.8:53 | mail.alumni.caltech.edu | udp |
| US | 85.187.148.2:25 | mail.gzip.org | tcp |
| US | 8.8.8.8:53 | smtp.alumni.caltech.edu | udp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 171.64.64.26:25 | smtp2.cs.stanford.edu | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | snai1mai1.com | udp |
| US | 8.8.8.8:53 | snai1mai1.com | udp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| N/A | 10.241.35.61:1034 | tcp | |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | alt2.aspmx.l.google.com | udp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| FI | 142.250.150.27:25 | alt2.aspmx.l.google.com | tcp |
| US | 171.64.64.64:25 | cs.stanford.edu | tcp |
| US | 171.64.64.64:25 | cs.stanford.edu | tcp |
| US | 8.8.8.8:53 | outlook.com | udp |
| US | 52.96.228.130:25 | outlook.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | smtp.gzip.org | udp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | alumni-caltech-edu.mail.protection.outlook.com | udp |
| US | 52.101.10.12:25 | alumni-caltech-edu.mail.protection.outlook.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 171.64.64.64:25 | cs.stanford.edu | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| N/A | 192.168.2.111:1034 | tcp | |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | aspmx2.googlemail.com | udp |
| NL | 142.251.9.26:25 | aspmx2.googlemail.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | mx.cs.stanford.edu | udp |
| US | 8.8.8.8:53 | mail.cs.stanford.edu | udp |
| US | 171.64.64.160:25 | mail.cs.stanford.edu | tcp |
| US | 8.8.8.8:53 | mx.outlook.com | udp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | mail.outlook.com | udp |
| US | 8.8.8.8:53 | smtp.outlook.com | udp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 40.99.213.50:25 | smtp.outlook.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 75.2.70.75:25 | alumni.caltech.edu | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | kinoho.net | udp |
| US | 8.8.8.8:53 | aspmx3.googlemail.com | udp |
| FI | 142.250.150.27:25 | aspmx3.googlemail.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | mx.cs.stanford.edu | udp |
| US | 171.64.64.160:25 | mail.cs.stanford.edu | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| N/A | 192.168.2.12:1034 | tcp | |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| IE | 212.82.100.137:443 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:80 | search.lycos.com | tcp |
| US | 8.8.8.8:53 | 6.173.189.20.in-addr.arpa | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| US | 209.202.254.10:443 | search.lycos.com | tcp |
| IE | 212.82.100.137:80 | www.altavista.com | tcp |
| GB | 142.250.187.196:80 | tcp | |
| GB | 142.250.187.196:80 | tcp | |
| GB | 142.250.187.196:80 | tcp | |
| US | 209.202.254.10:443 | tcp | |
| US | 209.202.254.10:443 | tcp |
Files
memory/4912-0-0x0000000000500000-0x0000000000510200-memory.dmp
C:\Windows\services.exe
| MD5 | b0fe74719b1b647e2056641931907f4a |
| SHA1 | e858c206d2d1542a79936cb00d85da853bfc95e2 |
| SHA256 | bf316f51d0c345d61eaee3940791b64e81f676e3bca42bad61073227bee6653c |
| SHA512 | 9c82e88264696d0dadef9c0442ad8d1183e48f0fb355a4fc9bf4fa5db4e27745039f98b1fd1febff620a5ded6dd493227f00d7d2e74b19757685aa8655f921c2 |
memory/4628-7-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/4912-13-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-14-0x0000000000400000-0x0000000000408000-memory.dmp
memory/4628-19-0x0000000000400000-0x0000000000408000-memory.dmp
memory/4628-24-0x0000000000400000-0x0000000000408000-memory.dmp
memory/4912-25-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-26-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | ed3831d018ea6f9a9563d8f4824ecb37 |
| SHA1 | 47f1a0909f9a9d8a1b0c54703f413314488110f2 |
| SHA256 | e4e25d6e7dbfdb550cbbe36979110c6a139eda2aa999af19a11c7efbda38a365 |
| SHA512 | 4bf7f4d48055225700b4c3696a10c590c0f59b476b2de1a43957dcdd963f0bc27a7409ccd8c07d4129f0bdf0df7e69dca2c2a1e8d963342ba53a34ed57663b1f |
C:\Users\Admin\AppData\Local\Temp\tmpF61A.tmp
| MD5 | 303239a88e842596edd99020950694cf |
| SHA1 | e64381fe3adace127f84e5f9d610bb47c9e6498c |
| SHA256 | d446a45a199bca21ca6ff8972c03cd9c5cc2e9bd5c4315689d4cd77439f6932a |
| SHA512 | 1eee4485d410f35681e3d14fbc7f46c9b0b5fcba7b721a0116c6a17934efea5153da650809b0bb426d9a1f429a6e827f90cd99d22c992ad1b9f6d3500c79d44d |
memory/4912-84-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-85-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\X2ALISWN.htm
| MD5 | 3c1ca620a8620e13642ad3c381f78b8c |
| SHA1 | 3ea7000e25591200f740904b01fb40c71ec84e7e |
| SHA256 | 6169fd23b3a1f58c5bacc82e76d6317fd2e592b03d1892e1c8d810dde5b32abb |
| SHA512 | 9e65f8f99e3442a947ee246af5b30366f0296ef942c839dad327617898e60f6e47e75b1573bf9581be59799b00438da83ebc772a26588ca05ed7c89f9f61f2e1 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\search[3].htm
| MD5 | 8ba61a16b71609a08bfa35bc213fce49 |
| SHA1 | 8374dddcc6b2ede14b0ea00a5870a11b57ced33f |
| SHA256 | 6aa63394c1f5e705b1e89c55ff19eed71957e735c3831a845ff62f74824e13f1 |
| SHA512 | 5855f5b2a78877f7a27ff92eaaa900d81d02486e6e2ea81d80b6f6cf1fe254350444980017e00cdeecdd3c67b86e7acc90cd2d77f06210bdd1d7b1a71d262df1 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\search[4].htm
| MD5 | f111a22ee985757b3eae19e0c5c4b55d |
| SHA1 | bedf4bb71f3143cfa9d5748e76be326030ab55e3 |
| SHA256 | 798cbeb1ccce733f4a300e7576203e1946ffac56b0c9e1f83a90f8cc41015f06 |
| SHA512 | 902dddbefb5e5a6ee79641da75c5fbf8deefa4c0894ddec650017d62b474dbab0e400e8f97b0418e6a1eb9ca9ccd009843ca98568e6263638165319ea0d34137 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\results[4].htm
| MD5 | ee4aed56584bf64c08683064e422b722 |
| SHA1 | 45e5ba33f57c6848e84b66e7e856a6b60af6c4a8 |
| SHA256 | a4e6ba8c1fe3df423e6f17fcbeeaa7e90e2bd2fffe8f98ff4b3e6ed970e32c61 |
| SHA512 | 058f023cb934a00c8f1c689001438c9bdd067d923ddcbe7a951f54d3ca82218803e0e81fbc9af5c56375ff7961deed0359af1ffa7335d41379ee97d01a76ded6 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\search[3].htm
| MD5 | 2f81cc76bea5dffd859929ddb546114a |
| SHA1 | b49f16f857322446d69f54521ee18536caaf1b2a |
| SHA256 | dbb645503ff13823f4f1e91e1b8dd2ca34bf797dd96db2ad5b92cc3705971444 |
| SHA512 | ec0f5c759856f99501c46dceb191c0eba12723cca5455f0294a276ae8df817c9e7e6fa3e581f3a84f1ebc2797691d95dd298e81970d709d15304c2165f172750 |
memory/4912-253-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-254-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\results[3].htm
| MD5 | 211da0345fa466aa8dbde830c83c19f8 |
| SHA1 | 779ece4d54a099274b2814a9780000ba49af1b81 |
| SHA256 | aec2ac9539d1b0cac493bbf90948eca455c6803342cc83d0a107055c1d131fd5 |
| SHA512 | 37fd7ef6e11a1866e844439318ae813059106fbd52c24f580781d90da3f64829cf9654acac0dd0f2098081256c5dcdf35c70b2cbef6cbe3f0b91bd2d8edd22ca |
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | 40a9a2b0abd3afa612b5b0a4272a49a6 |
| SHA1 | 2cf1afa90275c7860d2113b6a2aa3c540d2dfa3f |
| SHA256 | 0f76581530a82730abad23d76b50b527c63cb4c6ce9748c6f2f24a8da219d2b1 |
| SHA512 | 0dcbcc56520e1ae8ea714fc17dfce396761a4ecde03fe2f360b3bb882254d836def91d0ff55e302ad63a6878e170fd6bc8c3d92f3e63312e2589b032ac7a4367 |
memory/4912-283-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-284-0x0000000000400000-0x0000000000408000-memory.dmp
memory/4628-288-0x0000000000400000-0x0000000000408000-memory.dmp
memory/4912-292-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-293-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | db23f58b8337fb92026ff50113c84ac4 |
| SHA1 | ce93954c0ea1e170135873ca2052c79900931f44 |
| SHA256 | 663958b457948649009a2f9092a517ef14d2c01cbe4ac5ff279f6ba75ec348dc |
| SHA512 | 5cdb6726a778793b62efb7f7c2ba9e33a2c1f4e66c097bce406ac36dc73741ee4d4a2eabb850edb774faf1794a33f3510b8e729a04406772cdf852b453d60f38 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\search[8].htm
| MD5 | 1eed096759228050791be87bed9c3f72 |
| SHA1 | 2056e628b4a218b052db8f867ca9faae692a096e |
| SHA256 | ec73df10561e6e5325a714e3591b047e652442f226375c2b577e7287fcb8a99f |
| SHA512 | 13bc8cbe2392694cd53e6e0155adb9bac8242d15a938685bb0c1f8ed167b6c044da9b83fb2950531017ea523165a9bfd758d73b005a33a674471e7e87841aca0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\searchGRF4QXW6.htm
| MD5 | 02827b7c38a6b3cc825488930b96eca5 |
| SHA1 | 940256c1fa7546816602bf44def2f1eb7a9f11d4 |
| SHA256 | 2d1eeaa61ab2caab940a3451e0bfdca4cd6b3bafc9fc162892d2cca69931a86f |
| SHA512 | 87092d24e9a6351394c9de900540bb29146a4ea489584ebba20323045643a79b8b20938cdd126ad21a9874ccd909be15807cf42354bb4cfa8fcfca37084c3df4 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\default[1].htm
| MD5 | c15952329e9cd008b41f979b6c76b9a2 |
| SHA1 | 53c58cc742b5a0273df8d01ba2779a979c1ff967 |
| SHA256 | 5d065a88f9a1fb565c2d70e87148d469dd9dcbbefea4ccc8c181745eda748ab7 |
| SHA512 | 6aecdd949abcd2cb54e2fe3e1171ee47c247aa3980a0847b9934f506ef9b2d3180831adf6554c68b0621f9f9f3cd88767ef9487bc6e51cecd6a8857099a7b296 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\search3X763PW0.htm
| MD5 | 87405cac25b337d5a7ed71d1126fde4d |
| SHA1 | 423090601ccb64234619b4fad906b463a503c7d2 |
| SHA256 | c26559d0b5ca3bf2c34e72db5de62d4b9eb9c36302aec43c6f5468bd3672f615 |
| SHA512 | 29d55276288eac0479824dfb1b6bee4cb38403aa298eae51c42db9a0a3619f474c9aad18c0bd4884c569c94f0da1bcc4f84e647ccef560231137a0503a23e786 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K2PF59Z\searchA9WJ5FPL.htm
| MD5 | 07ad779c83e79ebe529ced6f048314a0 |
| SHA1 | 92d523e53a99ab06c5d38a223fa4cdcd2d622e94 |
| SHA256 | 555ee733f4cc7d0b0fa9a2c7e1858abee57907f83ac21e77f05b0f48238b242e |
| SHA512 | 6a9162809e6d2e6428d90a1a34c83c4c84080406a7ab126b5ecfa0c558bdef31d1ba337cc7ddc095d9345ddfa1597cb52c8c9114fac63100adae0bde855aae79 |
memory/4912-425-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-426-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\search2TQVLSGF.htm
| MD5 | 19661ce43b6e08b0af432a3940c37cc9 |
| SHA1 | 29df072b144a9a6fdd37a45206e4809fe887769c |
| SHA256 | 8c2708bade36bf262f5089967edbdbb3d69ac7d42a93edaa6abdd0e813248316 |
| SHA512 | fdf7053ac1975f6b0dff1f0aa096721df4979814e3be5b01509e6bf421254270ed1a0fc3cdbcfb2be7a66413c5eaef0c36bf3a2331d1fc8f310abf290f09b0bc |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K2PF59Z\results[10].htm
| MD5 | 35a826c9d92a048812533924ecc2d036 |
| SHA1 | cc2d0c7849ea5f36532958d31a823e95de787d93 |
| SHA256 | 0731a24ba3c569a734d2e8a74f9786c4b09c42af70457b185c56f147792168ea |
| SHA512 | fd385904a466768357de812d0474e34a0b5f089f1de1e46bd032d889b28f10db84c869f5e81a0e2f1c8ffdd8a110e0736a7d63c887d76de6f0a5fd30bb8ebecd |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\searchWPQFT3OD.htm
| MD5 | a54bb7134ca4e832544b79943e860d31 |
| SHA1 | 1ba3a0d8c76e4c3bd30a9bab091e08fd40e65f4a |
| SHA256 | 37952ed5050d830514a5344f8477b8b465a7c190aecbc1748798360db9aadf1f |
| SHA512 | a4744c3f6e61cf84118962f2f037bdb98928b19b7775c59befb303a3f6fe7bea2b9062d943241b47992106503b304281987d8bec0bcc0133ec2f988095bfc592 |
memory/4912-585-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-586-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\search23QA20QB.htm
| MD5 | 3a2463a705a18e1767a12d7b7ef81f7d |
| SHA1 | e8492200c2f00111290bd613fd9186b00b75a55b |
| SHA256 | 99ced0e98092722b4de3a620349cb6065543041e0faeda41b87b429ede07f8a4 |
| SHA512 | 9508fd6f7a80236c4d15e34cd02fc93d6dd6340fd921c40ab25782a5bb0565e2f90c75b9355ceed9c1c360e020ed5f88fe8f81427bd882384058717146c6cb34 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K2PF59Z\searchWGMPADF2.htm
| MD5 | 26b4ab912a638839f5ea593c4672cb3e |
| SHA1 | b61da357b4222cec2b5621669f970f9b370e8d0b |
| SHA256 | 25604e4f157c51a5cfdbf6666ebcdf47665883c9c29ef66bf7d33e325e2ee740 |
| SHA512 | 73e5860eb4412724f887759f3faab7f420fd12a151e3fad00899e65d93d7c87798348ad564186aec25fb76f51e1211e5bc59c9260dedfbace7a24fc17fb9ea41 |
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | 039a8410d252d330f65f8e453e10ba1a |
| SHA1 | 48dca3e31a6066d471c408f667df2abb8588cb59 |
| SHA256 | cf13731bc9a44fa2546ba517c8a34f17bb8ed245a207ff35903092de64e98141 |
| SHA512 | 3a027f87f9aad1699625174a7d91d5e5800156b66f6efe15780dcb5441a62ea80ab515e1c2f563b3bb75051869b35bc734944ed02d06082ae44724fb40f068fb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\default[3].htm
| MD5 | 157431349a057954f4227efc1383ecad |
| SHA1 | 69ccc939e6b36aa1fabb96ad999540a5ab118c48 |
| SHA256 | 8553409a8a3813197c474a95d9ae35630e2a67f8e6f9f33b3f39ef4c78a8bfac |
| SHA512 | 6405adcfa81b53980f448c489c1d13506d874d839925bffe5826479105cbf5ba194a7bdb93095585441c79c58de42f1dab1138b3d561011dc60f4b66d11e9284 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\searchX643TUWV.htm
| MD5 | 785635bd82b5558a38a9b34bb4b9f4eb |
| SHA1 | 4d18085592825666d954386bdb8e052f8822d4f3 |
| SHA256 | 932abd1c883be26d06de8aec4d044d7158c0cf91a1f0d2924d49edf2563e05e9 |
| SHA512 | dcf9fddc603114d266b7af8f8a65b366076e5b8092f27b5b610c1e405c7384f0a3b036eff7811449b6a887903bc1c4edd971c70ce7bd30b2dcb0caf2ab646c34 |
memory/4912-754-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-755-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K2PF59Z\searchWKSZ6KLK.htm
| MD5 | 91ea201575abcb25ac5281045b47d717 |
| SHA1 | abaadad6a96f0ed033ff0580a1369ffbc9026fbc |
| SHA256 | b0ff5110c3fd82d90684402143b8a49b88228244a03c8b3192e79689f73650f0 |
| SHA512 | e009dbf6f96aaba9cedb32c2bfda11d092bd0812dc5a64fe7d338e7a8553f95d4d5da7a804207d819d347ca4741a94909fd9e367014e8403f9eebd8f16862b7b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K2PF59Z\searchO0WQHPBW.htm
| MD5 | 83b9c3eae434e0dc1c27b162fed69636 |
| SHA1 | 740378adef48a4b4daa455cf860fdce693d4cb73 |
| SHA256 | ccd95185e6baf0013d2cd2c9e8b605db9d9d3b69ae65fd3dacce7e5374e3319f |
| SHA512 | 44d754154141869d2cbd2cb4a59df5ae2aad3b08b357082574909d2077c64907d1eb22f6cc4942f75c273d1956f1150ec21567db60d755f4af7bfede40c44b5a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\searchXVOW7A1V.htm
| MD5 | 4617743d6ee34db8d20960e901b42ce1 |
| SHA1 | c9c23f243f8a2c9e23ab9d19e03889693ef96b5c |
| SHA256 | 6086aa50634151c152b963562913421fbaeeac97f171ff20b132808ee655ed36 |
| SHA512 | 462c4e8e6a1ae8f7ab09fe5bcf4f36b2dbb3d1c171f1718a0d7a06bc2a42566e0148fff9d657b96285265dc950daf3af02b946d1e4ba817e4b8968744a48f8ce |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\searchN6JPZJJM.htm
| MD5 | 1e4f7a338c406663d2253e1693b0dc11 |
| SHA1 | b2803e62f9bdee31dcabd5ad0491705b728809c4 |
| SHA256 | f6259e72a295db3be7b5060f5adfde74e4f2265cc202d5e8d642277372a32ca3 |
| SHA512 | d855c1f1e10bed73b746991a45a82cd1b18feb69d1fd19f5de52303f1551fb424a66ba920c7317f1a310850686e6ce26978bfa80e6449ff7983cb504deccf2ca |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\search6YNXK56B.htm
| MD5 | 17f0cc9ac6497d5d0fa4e3872a1cdcac |
| SHA1 | f1bbadf432a7744b4ae92657053201d7c2a15ec2 |
| SHA256 | c0b87338d311e4ce49176113fe15c177a62a73315fccdbd5eed7e005f905382c |
| SHA512 | 3c75061d200d0e7213874b0395461db3b3e3c3232bf89a3d6c4e457989cb6f32e4e3829006446903f5483f2f6c0d007d081fb133ab743faa90f9e8e3e0461b85 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\searchCOQWDZUC.htm
| MD5 | 36433600c805ac9bdd30c1e73bcca05f |
| SHA1 | b24d29b446ffe404bf0b674681a0090561ee7736 |
| SHA256 | 64c3a131fc6aeac3226d3c0ea71adf49228af0beaba0fa832ce3e1d397c31a22 |
| SHA512 | 36769798c6f8e19d3d5f1e3f158a00d8d6b7d465fb1640a9fd2b0b65c4fb1bc50428c0801e2103d0b30a1e8ca5f326bf9abbcb2a28adf1202e49600b680b52d5 |
memory/4912-926-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-927-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\search4IYCF8KZ.htm
| MD5 | e99302eb39b39446011127d0f5819eff |
| SHA1 | 50d31df81d931356e8e3029e232665b71913b7e7 |
| SHA256 | fd042845337ce09b90beb58e123cfc62c6dd550fdce722dcfeca0d4642dabd68 |
| SHA512 | 8b475cb249110f52ceaedb7d00c04f034a84ee9533f0f24575e9b6ab47a3a17237c932faf9877e1c197d773a938519012ce4afa055709f8dbf9e9a5ae34d0a78 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\3NQFXGDW\searchMGQG0EP0.htm
| MD5 | 7c006333d85090660a9759a917dc4cb0 |
| SHA1 | 7056c18030c9137fe81f5d0cc977bb47b5798f9b |
| SHA256 | e3a5ad5e6c6520ea6ef189e4396e73c48ebcc48f520366b75e2f360333a4d0c6 |
| SHA512 | ed6a00d284ae8b02d7ddb2cfaf452ab20aec1dd8d4995e1f58e6711cd07a1f61419aa0fc74f0b4ff23dae4ac98fa147e1180a20b5ae97f6972cf1cfc8fa27652 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\search5LZOATJY.htm
| MD5 | 08296bcf9ae9531922114f27ccc199b8 |
| SHA1 | 0cd6f8b43b3fb63245df9ddf261320abc94e363a |
| SHA256 | 31298dc6faeca2730dd3d50983352eb8bcf18ff2b36fd2956adb6bd956d0ff12 |
| SHA512 | b2a3593d05580793cf1ede5fa8e34de4f9c25dd61e474e4714d68aabaf3882f8d82a513809902172ee39fdb2cbf50997a59940e8022a683879bd709fe95bee85 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\searchZA4EWRE7.htm
| MD5 | 18025158cccdea69e42cdd21103324e0 |
| SHA1 | a1547c080c4a3d23274f705b3135b0f7600416f0 |
| SHA256 | e16d2679e67ee24cc60a60356e9d3cb5d8fc221981e5aac7c48e57499e087291 |
| SHA512 | 181b431e11d9388df007855ce0f96587cdbf3677f383aa0260bdb42bd57c996e60cd306c37cfcd8d1d4992dc99bc4c4ee41b604b53eca723cae9df9c881b4faf |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\search[9].htm
| MD5 | 9707b27b57be0c588156098476254235 |
| SHA1 | 0c3218e072a29bd37107cec1413e004e1121083f |
| SHA256 | 422c3451b9aaff7bbe00e4d949ebeb84bcca98c2d95092af3abc258f754dded5 |
| SHA512 | 698642d1fe0b20f5455c18cb38a52965ab62d42a59d9aea6611b94bf3f6f0a41489fb49b6391d2f3706fb6817fa8f80a94d91ad588b16d7a75e9266ac854aeef |
memory/4912-1114-0x0000000000500000-0x0000000000510200-memory.dmp
memory/4628-1115-0x0000000000400000-0x0000000000408000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K2PF59Z\searchWAAMIK2D.htm
| MD5 | b6d2e6701c8454e49f132b3ff5b138fa |
| SHA1 | 6bd4930e64519905b72fc15dc567f5c762149ea6 |
| SHA256 | 092569e8a0a40fa7a1be1ce128e8a8e8f2b35fd72a6c1f7484369d7525159c23 |
| SHA512 | 75f80dba56d9e7325faef219a9826ee035c17425700c38c31c202ea5e0ed00f964c4b224d8fd3e56b121931a57dfb265828bb65daa50621e697e00fb0810560b |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0K2PF59Z\searchH361PZNN.htm
| MD5 | 6d28ab39bb5c412d693d2c436ed6b9f6 |
| SHA1 | 58e5e349ff8dc6f0b4cec7ed15627ba16226aacc |
| SHA256 | 6b028bed08fc9f2930f17a35d1fbcf516a1bec3cc9b0152996e467e08c1703ad |
| SHA512 | a1191c255efb99d32f3f00df9bd72f82f08e93465da5c3ea7a76c234fade8cb078309df275f8d1e8bbbd49efedc7fd9f1482ad3d544989d809ad039fc16788c4 |
C:\Users\Admin\AppData\Local\Temp\zincite.log
| MD5 | a13c6f271d861b3567a4febcef6de7ac |
| SHA1 | ab1e9374dda5d6895830346e9344af9c83bd5f4c |
| SHA256 | 4cef30b91e5806523dde70e78ccaf9247e6e191bd216faf572823019c7d503fb |
| SHA512 | ca1a6913883e48500f1a3c1cce41103bbc113b0b3bb7fe8148a8f3987b617053721695ab4bdff334290a895d05b0135378121c1e1463eb53956ef55e67f12a74 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\default[6].htm
| MD5 | 14b82aec966e8e370a28053db081f4e9 |
| SHA1 | a0f30ebbdb4c69947d3bd41fa63ec4929dddd649 |
| SHA256 | 202eada95ef503b303a05caf5a666f538236c7e697f5301fd178d994fa6e24cf |
| SHA512 | ec04f1d86137dc4d75a47ba47bb2f2c912115372fa000cf986d13a04121aae9974011aa716c7da3893114e0d5d0e2fb680a6c2fd40a1f93f0e0bfd6fd625dfa7 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EROQDKB0\defaultWU16HBP6.htm
| MD5 | 267ddfdbb8d492b25de208d84b290f1c |
| SHA1 | 9f57d9f19f25549e1232489a0c101a92e851de2f |
| SHA256 | ef1f87447ae1ab45548d2934cf0dbd15a32b86359ff9fccfa48d76c1badf6586 |
| SHA512 | 0709aa62d39d419d335183235dcf328e1dfe6997bd9bfbdeb01bb050df8dcab63ec2d4f46e4718ab389fa8e12af66dec2e3019c8871ac6e40927a25cb706c6b3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RYAG7OSV\search2YU4OUAQ.htm
| MD5 | e06c37ececed0ed0c11e39915d01f585 |
| SHA1 | 5e172a3378ed56df4468e27a5c3e1ac8d0c2853a |
| SHA256 | 902eb03b7b12202a903cff7df41933fbfe2728bf145dc76bfb1ca90d37a3c1c8 |
| SHA512 | ca37a0a0af77be71b47de64c46279dd55d80f2d283795d20cb9c133f626795f05811c0d5f425a32d0fb5fa1bb4cbf07f01fda3338614b89bda1490a148fc27d3 |