Analysis Overview
SHA256
e6482ead6680b93e24be08e4665783970fce43b177e823b77f6194e8de61a4f9
Threat Level: Likely benign
The file c03466bdda39a251e7b4ba51fd96d8f9_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 07:05
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 07:05
Reported
2024-08-25 07:08
Platform
win7-20240708-en
Max time kernel
132s
Max time network
141s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "498" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10613" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "27741" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "37945" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "8199" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9341" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "19457" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18670" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "27829" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "28610" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "7989" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "7995" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9253" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10613" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "18670" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "27829" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "27829" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10613" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9341" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "410" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "37945" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "7995" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "18670" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18588" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9335" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "8107" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9341" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "18676" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "18676" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "18676" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "27823" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "8107" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2372 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2372 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2372 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2372 wrote to memory of 2928 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c03466bdda39a251e7b4ba51fd96d8f9_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
Network
Files
| MD5 | edadbe6ee2443aeefbdf075203d6d088 |
| SHA1 | e7cd2e27d225266871fb79b26fbfd0c13d8c44ad |
| SHA256 | 5d9341d15d477d57597c93c097460c30bd881a6c7e1f805f600cdf7c9fdd8c2c |
| SHA512 | 661771f5d04c6316b6e998d1bceda7e7af29bec7b6b32c082f911e7c7a3780b6a2974010667b64db7df23922dc321817f52e6c76fec9e9d773467963f129028e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | aa11bf63c62d04181ac49f7352db2f59 |
| SHA1 | 4d3ba1274fc45b6f4202d1cd0d53ba4ccfb10ef0 |
| SHA256 | 59fe4012d2295d5fd2bf6faa2ff371b1ac9bf058ef67057e5ea8fc67343d33a7 |
| SHA512 | 812b8104e3a05c44e28b653ae4c9c3daeee45fd1b09a246765d0b62d2c9eb2170ebea98b09d9286945cb92f20788cffa6c733baaa6999473e67577902da698d2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 764b45babd0e3504067e0131de30790a |
| SHA1 | 2f241b12e04907751cb8b89d75449683c661f448 |
| SHA256 | 78c119bc0a3816c89cbf768bfc3b3361d987fdf792bd8734b7dfe6f451730ec4 |
| SHA512 | b9bff9d38bfcbf07b8de1c46b0979759aadf5e350918c6e3a94a0fba9bf5f6565715c5f8464a89589864e371015b2b91937b4cb20d40b2c7d5cb9aa74637cc65 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | f7e48d0ce2658b5dd5afa3e7ec96782f |
| SHA1 | 2b7bb475d13d01ea203fe7212c93d1b6844e58fa |
| SHA256 | 8ab5fdbb16f3d4e3d91e9114d6dcb99a1c03abb9a9fbd24e8aad463760220145 |
| SHA512 | a2671eb96a03c9b18e4cb8b399f3216571250ab2a46f82c3942924167085a719947c25ac9b8d7f30e731e2003343197ce15a816e185157f66109a82735744b79 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 7805cbba401cc93f209c8ac65f3e3540 |
| SHA1 | 98cfc0f4a0448b5f40ac23aa76fc5521b78fce4d |
| SHA256 | 752e2a6a1b3ba3f179451a9c5fe039d41cee8794d5c6072d07032b823f13f76f |
| SHA512 | 491b49b3e87b11ab25f6cb330b3146c73c9c28f43c0bcc3133d86f606dc93abdbd44462dfd3e15065ea022b11ff14cf19e972ddbf6f116bb931209d83e3a1fe2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 391bb1bbe2249a422ae9d024f25b1057 |
| SHA1 | 8098b5c6c9bdcf8614266c8b39923c438ef6ea34 |
| SHA256 | 953d131b011f3c9d722a4069427b8bea1cf965678814e02ea69ea90081ce2af4 |
| SHA512 | eba03573692369ceda9314c86718bf1302ebc2a72d10df373cdc7d7d2f1e0b37cb5969092005190b7c6f5bff62797b198900c2626573ffada87798a842e9968c |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 0cf8e954eb013166e772d31116368a84 |
| SHA1 | 32ea8b799126c177fa56dda043c5798254bd3d91 |
| SHA256 | be97b8427545c44247b7b5c9aad6dede6188b33714d1a8ea64eaa3b62265367c |
| SHA512 | 2caa3831a0e50676da984be57d68255c281aaa6535b461ce5ca1424d97b98fe4999a3bdb348aaebb8e5b6d326e1e6955887f2b2959b14fd7e3fad0d522df5ff8 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 7c97756c2c035ebcfe9208dd86591df7 |
| SHA1 | 57e29d637804dff916a207896274157342cf68ab |
| SHA256 | b7fbec450a4da215d0f778737445d0d3ad164d12e33b31e982eb75b64b4585e0 |
| SHA512 | 5b44f363277a9902132cdaba7b84e2cab60592d37c39fca6c64074e62fc6189f72f6ad4d3d98f65562ab435de1b213b42824f8319b678e845314d68445733208 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 4473a417f27965137c8ff14cbcdac651 |
| SHA1 | 5b4618ddd58fbe54d393d9a83c74299e065cf9af |
| SHA256 | 8393da4e4ec81887368b10c4755b09a8b492fc22d7ac467ee907e0a98f8f2506 |
| SHA512 | 0323aa45c554a7cebff1be29213650ee87ac2a6181d2cbc63340a33b67e4844af3767fa6a40f765fe3be7ff0918c6d5fcb4d675b1690c0668f9df79c954a0363 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | a9bacc1ccf4247e753c79c631803bfd9 |
| SHA1 | 7d7a018a11eebcaa86f228d899071061ee6ff4f3 |
| SHA256 | 1c9e990e227de6631e027875fdd435e2893ead1306acb04e7a487ec3d282ec67 |
| SHA512 | df80b7b3c2fc1a9b06c57e1d82625f96e4a03e898cfedbe009c814931f787c472af552a962d6725dac2088268b370f2c7c6b83ac911ff61e9bfd3f9653944dae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3e317fba2923976e9a1d7b0a21a0e801 |
| SHA1 | 17aaa39b239908a178a0e07eeb41dc387d67d889 |
| SHA256 | 05fe36e237ecf65db7d289703a48847bf38fdb507f87c9f6e3f8ce1b72244e2d |
| SHA512 | 1ae5e8c0d118fda5a3cffdaad4a9ecb575c24448a5ef1d18c6b94823600d224bff559b671f5bf4f002e768235323f5fffde98e4ad037d2ef8fae5a3b270049a5 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 33d7cdd35a68047d36be2ea344fe40e2 |
| SHA1 | 6b6ffb4eb1be80c102391a112a87cd93d1f584fe |
| SHA256 | 6f2904ccb59fc19eb26aab6a8d6f9602211d0d4cf3ede9de39a66e740079c648 |
| SHA512 | ef1d1bcdf0680024c0f0e60aaae4ae44fbb448bec5cf574f10fb438df1ebd802a8f8ff12972f1de30defc499ebabbc736f89a9186a0888da2bf8ee1f12aa8b78 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d19192c67eef23665d1a13fb9eda5516 |
| SHA1 | 30d3157c1b9b21860b4530d121e3be11679c4d5d |
| SHA256 | 0d54685294f56d013a53e9deb8799ff69e0bcc79185e3c1d3a126c974c8d49a1 |
| SHA512 | 419da21c7ca00e0c14e11dbc05cd7d1f4c6c9d50e83d5c3fa490e673c780d2186d71d8dd7911776e28f076f9ad71394ed806602dc1dd3a784500c51efc87558b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 38a4be4b5644c958e685416e63e5855c |
| SHA1 | fe8cc0d6adc294467a67d08b4a0dadadb0aad56d |
| SHA256 | 1d3d924751957c1dfeda51f6ebe8b688fb77125142a593f47cec59f7adb06faa |
| SHA512 | eb36907f631d0c4ba316af352c40cb926ffe790b9834ff6802f956bf225b8b5662ef37297f71e90c81951e40c95862352493cc5f8ef4b4eff5c54b0eccbbf132 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9f36c1f3f8761ccd4a659b8cdadb33f7 |
| SHA1 | a46894a427f66979235912ca486536f6058df582 |
| SHA256 | b5dcc9a08e8f8b43bc5736b29a586fec17c495366f780a8bdb04a960c3a73473 |
| SHA512 | dd11ff97de0c1c1ef3220b4b9c3b00ed8d98f1ad6a68e1baf8e785723053a2ce54e1af048eeaa46751037c740899a7fa32e781823bcff0fbf499554dd32166e0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cebce821b6ee66d7ab6597a8584b7f17 |
| SHA1 | e39d7212b32837d697794843bd04c5ec538f573a |
| SHA256 | 53430f011c405a7769c52260c9fe5dafd6b9acd59368bf34934fbe4dcfd482bd |
| SHA512 | 7483b0b43bf82b30c78af42efdfa5ee68d1dc43bc12c4387e759e6948782b08acf051ad29215a5ca47d552c9f391a8faa08c64b1eef1680279fee61b104874d3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 66d50e847a2716ba8ca04129c880d75b |
| SHA1 | 294594ca45d33ae39b0f2baa2b5518d757d8973a |
| SHA256 | c838bd7780450774672f77788704725293db645f75ebb50753721715b11ea441 |
| SHA512 | 25008af77e67602a55fa483276a912c99100a575a26d54c6d7f94ad140abc9d616e74394da481492148354303647cde0a320717857609e01436f058ee4680038 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2bfc00c122ec6988addd8308db2eee35 |
| SHA1 | 46b8ccce41a1308ef5b7f88496fe86747330e579 |
| SHA256 | 9db545b5f430978bdf377c8c9476eaaebd001fe4f4b9cfb0ad7ff90b86655457 |
| SHA512 | e65e498b9f27e7ff2a410539d304250eddfc04b15a74b51b8dbfad597fb1b70a19b185467187fb6cf735d965e9ddc527771b750ab7caa059aecb11c5eb6a91e1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 31a2d01ace85d0db3e9437bdd9d8fc3a |
| SHA1 | 0e2a481bdd8ec0a293d3a1f9ea5d9e1133989d4f |
| SHA256 | c8534c8a8cae50c7dfd1f3f39c7300fd8e18ce9562ae82a1ecc394c08a2e6721 |
| SHA512 | c253afed27a158273f3e0b9f6962c2457827ca32f012ac92aa5f3edd92beb92d99022695128e1f6c0e257fa1e7a8de3cb60450befe94fbcdf768062c46994ba0 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | e761e86a96dce49614af61a6de131b79 |
| SHA1 | 33abeb3dd8a2efb9c47ed52c462b1fe38f28a46c |
| SHA256 | b79c8828b231e6bf6946315cc506b54f44e31c13a1f2f5ebb400bf52ba4f45f9 |
| SHA512 | 1043588cd6e81ea0fcbf3fb939c83dba8172a7889233d600935b4562d62f69736c3e91f2f245d015d7a28b5cf776922b2fb8c33e2caf5d2b08ded18ea47429d2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 044a9a496f8037f8a1534e5019846fb4 |
| SHA1 | 8a3fcb20b2f8776dbc636b2d04b23b5336ffd763 |
| SHA256 | 92c3ce3b890f70e9d1396e472d3f544a32246bafece3c06923eb7b89da230fe3 |
| SHA512 | 70f5a7f723aa2714d794e1d3ef11b00d0558d529de39d1dcd48151f0170da1b637a17294d1dc8381248681f3a2642a505d5de9a39b40d5969a47c80b824f43dd |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BDYHZM61\www.youtube[1].xml
| MD5 | 40409a8b8b6ee97663ece1c2d90fab49 |
| SHA1 | dfa4adaf89fb961b2ba007bfa480b20da6fbeaa5 |
| SHA256 | af349db838382b6f1923098865fd969a9e4b2c7213a178393f7162f4a9bee6cb |
| SHA512 | 2a5739b56ba85b9a1325a53ac649d44054170bbdd2d6fe7afa0c3783ee525f0f598e7ccabbe8280d0d2c9fe420f4eb871247cfe265080631fd23ea23ea62c209 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2fd234f09dfa29029a1a98ba87ce0ff6 |
| SHA1 | 2fb1815c1f5e18b87145500ebdef1e106278feaa |
| SHA256 | 2eb13260b3de15a9b7d624cd368df7ac1a1c0c7a69b5106d4521f63c5a5e92c3 |
| SHA512 | 7455e6cd207fa3b05e06a20858c94a988a6bbf31b3175da52fd62a1deb2c09b242fabfbbe2b68484196b845a0c664c59a7366cc0f0453cec4409dc9235cd0423 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c2a9a31604854801f1f200b8f1ce1a6c |
| SHA1 | 86a4bbe7f6e7cbc5dd6a45db55e44a3d5020a3ea |
| SHA256 | 16bc460630a0af67dd3a659998c0c278361b4a80357edbf302d6b2b2f6e767ec |
| SHA512 | 6bdd11f66aa9cd14d7bf32c3fc48529bcfba95ed9d50c74ab4bcb208a3670a905170d0e116a0dd8b8211e74d7223166f78147a2f830cf5e1dec79875f56b139a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 68a4ad2fe723ab1df8b4e9a20ebadde8 |
| SHA1 | 2eac1a46eb1c21efe4945cedb49c363d42a3f3b8 |
| SHA256 | e2b621a99a0377fb23e7061200d0f03e85f0443e1b6ce835e2daca3578fd1346 |
| SHA512 | aa159e65d34840fa7a0ff17a55893d7802f72040239db2456a98117df749300e2bc83224ddb584d34259f779c6d8a713b853c784e6b0c594910a7a3af67fcf12 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c236e0e4356fedfde1e1ae8a30a84d1c |
| SHA1 | 8b8e0e339b916bfb6f16f45e49183c3700a3fbd7 |
| SHA256 | e6496873e6443e856d995add4809b5ce491f2f1915c6fcf5130df8c0f47e4540 |
| SHA512 | a6c20a869fb496cbcbb6869ec05e9a9780ded0fe2de111bfd4cf77ed0f8abc11272f6bf22a894e0d6c292d09451bc476c5332fa5a67a3027ff35735343f86001 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 52c89edb517fa6b298326411774c2a06 |
| SHA1 | 9fbe9186720e55796b10db1eb50b2d1cf6ecf476 |
| SHA256 | c7626a6fcff818b9599d70c7c89dde930d714f35e4d00eaa34072d7ff2415a6b |
| SHA512 | 22741df0e14f4d3bdd703586a736d6cfafe5debdb2dcb94d810f2ae65775c3c755fe66567ea831eab9e66b8bda6088e35a43167881aeabdcca3b3a1274df9d3e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 01a0d42373ac14634375cb38dc91a004 |
| SHA1 | 06ea5a9b9a9d80c26541afa319caf1ca0a020301 |
| SHA256 | 833d05e1aba89f23a87a5005c3e5852a11616308a6492065923f4fdae898a07d |
| SHA512 | f2f12cc97c80344139a045ec94fcc5fc478654181834d97fb2d2a6c7b95f2912080bd8be0d61785ec88b309a4f4c471105a9942c94f9ea35044281dbf908a16c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5d0c1d8550bdc61cee69f7f4d2e4c051 |
| SHA1 | 174e7032b956543ed7ca3540adb3bc2caf2c56dd |
| SHA256 | 70a0899b62ec973c98702cf4fb3163d2603ea7e304160af1315fc0f985a84207 |
| SHA512 | 5244f6adf2375ee70bbc7ca070a2882e5b0d06013277b82f215058ea59396901522325d07e019395d6c4b9a4aa47c51dac3441a3b6b59c6f909661bd9692b4e7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e0af7999ee539dbb472a69fdd5d56cd9 |
| SHA1 | 2330e230237f589b3b6cea231519cb6a9ebad325 |
| SHA256 | f4edde862d928568b2d46c57dc73619e6bf670704e50e79a229ac47ad063fba4 |
| SHA512 | 105956d09909c828a8b5537f2b064cc1294946f299fb4048f52d795b30dc921ea94f1f293feca676306a8ec7dae415abeae7d86b3bc94707abff9853bf8686ba |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8dbd659b030e80e0c77b9de1af6dd188 |
| SHA1 | 88f8ba03d89f8606af2ceffe89763d0ac5267a68 |
| SHA256 | 6345a62eb3c50bcd10f477cfedef3c110f5b2f6a120790a4e1f459e7c45cd634 |
| SHA512 | a8ea4220b392b8f16b6ecab577fd21068be4770d98d1c551122455ad9a657986281bc24cf99fce8c12efa1fe439e36b59c36a05dea780eec8116cedc3c90f60f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2d3da9936b494be1aee199553a168a9b |
| SHA1 | add6ab123c9798604e92f3a9cc3851575b27319f |
| SHA256 | 0d7bf97bf612e27ec87e56c6b868df70cc185528c7c30bd3ed2e723b8f957bb3 |
| SHA512 | 868bfe74020dda89ab7e4bd1b5154a8234488b96dbe27beaa31939a792e76e847279c537e858d7a674389dcaf59431e0fd88334b2761c73a2b300cc0dc48822c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ce81d865bd57846ecb8794d3bf039942 |
| SHA1 | a38770b305d9f636758ab27c7116502cca90e192 |
| SHA256 | eff2fe8b203744df60dcca025d1be41b7c03289ff25502ecabf6fe2f25a08eb0 |
| SHA512 | 1a98e7a9779a3dc0609673a0c7c586f15ded2f67b3f704e3254a215bbc5666a15729f11391087976a4382472df6defa752637f123d2b206316f41c8f29ada751 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b92305084de3aaa6279c997df1a2c2d2 |
| SHA1 | 3cc7b0d84617b08cb06c52938d416314435cdfdc |
| SHA256 | cb4c2b4a2aef08c4c2db40e6aa5c2b73dfa1aa706238b198f363d5fc3a5c1243 |
| SHA512 | 7412d41f4a0a2918d4b2ca9415baaa2bad0ee084d222fed9be18b141625c67a27018d56597c0d1efaf5ae7c4347444c8a70ffcdce4ac19c3cfe802d4773afcb8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dbd901c4e2e1964d24f595150a80274e |
| SHA1 | 2ccb8c7726874cd3193ea192e8f81b5685eb8c91 |
| SHA256 | 79a4614241a6d035f49d6aec1a31e6a481a62eb081dc95528f2594eea82ca7c5 |
| SHA512 | b0f030c519d147083ae3699c19974860d51cdd3273e8d148bda22d1a2f22c6008499cde2db60136edff5b27e6c763103669b6c7947952fe14928beb669a1bd9b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8b8defeda773532a2abc096e86c3869b |
| SHA1 | 883f029e6fb22caba34f5064149ab58eced907ff |
| SHA256 | 504798066c060daf385bb1b53bc4fa8416f23854c50eda49751176923c4dc8b2 |
| SHA512 | 8da2f05294ae121fbdfdcc804486089917f2db9a9a5c20607450fa277142a0852b43b2aa3131edb06cff13d8870b13454eb394f166878064f43bea862c679851 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-25 07:05
Reported
2024-08-25 07:08
Platform
win10v2004-20240802-en
Max time kernel
145s
Max time network
141s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c03466bdda39a251e7b4ba51fd96d8f9_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8841246f8,0x7ff884124708,0x7ff884124718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2032 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,17065672303164832762,4082925246656239388,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_2536_CVRCOBKOVHIEDEAS
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\50c1dc5d-7b51-46b6-8c97-fad2da1c5206.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State