Analysis Overview
SHA256
c53157a6908839c427f6fae93ac14aebaa05f7437ead973b8592e37baa8e7a07
Threat Level: Shows suspicious behavior
The file c055a6b97c1642c34b7088326e637a0a_JaffaCakes118 (an .html document, opened in Internet Explorer during detonation) was classified as: Shows suspicious behavior.
Malicious Activity Summary
Mark of the Web detected: the HTML carries a saved-from-url comment, i.e. the page was saved or cloned from the URL named in that comment.
Browser Information Discovery
System Location Discovery: System Language Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 08:26
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 08:26
Reported
2024-08-25 08:29
Platform
win7-20240708-en
Max time kernel
144s
Max time network
145s
Command Line
Signatures
Mark of the Web detected: the HTML carries a saved-from-url comment, i.e. the page was saved or cloned from the URL named in that comment (the indicator below).
| Description | Indicator | Process | Target |
| N/A | https://jira.ops.aol.com/secure/attachment/688199/failwhale.html | N/A | N/A |
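The check behind this signature is a simple one and is worth reproducing locally before trusting a sandbox verdict: Internet Explorer writes a `<!-- saved from url=(NNNN)URL -->` comment at the top of every page saved with "Save as > Web Page", so its presence tells you where the file came from, not whether it is malicious. The script below is an added example, not part of the report or of any sandbox's code; it extracts the comment, validates the four-digit length field, and returns the origin host. The sample HTML is constructed here (only the URL is taken from the report; the submitted file itself is not reproduced on this page).

```python
import re
from urllib.parse import urlsplit

# IE prepends this comment when a page is saved from the web. The four digits
# are the decimal length of the URL that follows. IE uses that URL to place the
# local file in the URL's security zone instead of the Local Machine zone, so a
# cloned page carries its origin around with it.
MOTW_RE = re.compile(
    r"<!--\s*saved from url=\((\d{4})\)(\S+?)\s*-->",
    re.IGNORECASE,
)


def find_saved_from_url(html: str):
    """Return details of the first saved-from-url comment, or None if absent.

    len_ok is False when the declared length disagrees with the URL, which is
    what hand-edited or templated pages usually look like.
    """
    m = MOTW_RE.search(html)
    if m is None:
        return None
    declared_len, url = int(m.group(1)), m.group(2)
    return {
        "url": url,
        "host": urlsplit(url).hostname,
        "declared_len": declared_len,
        "len_ok": declared_len == len(url),
        # byte offset of the comment; useful for checking it sits in the
        # document header where IE looks for it
        "offset": m.start(),
    }


# Constructed sample: the URL is the one in the report, the markup around it
# is not the submitted file.
SAMPLE_HTML = (
    "<!DOCTYPE html>\n"
    "<!-- saved from url=(0064)https://jira.ops.aol.com/secure/attachment/688199/failwhale.html -->\n"
    "<html><head><title>constructed sample</title></head><body></body></html>\n"
)

if __name__ == "__main__":
    print(find_saved_from_url(SAMPLE_HTML))
```

On Windows the same question can be asked of the file system: a downloaded file also carries a `Zone.Identifier` alternate data stream, which is independent of the HTML comment and survives even if the comment is stripped.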
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430736284" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10424" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10418" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10424" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "20249" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10418" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "20249" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "20249" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c00447c1c8f6da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10424" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10336" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10336" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000062974e5b5f804e45b98349be16bffb780000000002000000000010660000000100002000000007a1c867fb4edce41995f90e578e224e9dcc0c99d0b85c298839cab3e4fe7b96000000000e80000000020000200000009256e32b33f98f53d4c51efeea94755e1c783c093c5d1c36e302fd5818added420000000bbea4e4574a3f84bc0c4cabf7c2a1e86849cf5b8ee83ec8669cbc7be4c896a6440000000ba8c29a3906066ab06eb818976ad0eeef774d911a71e9a7dc27a79a1f2420ed3f1af1aeb5dd644f8bff2b852bb4d6a1b842c4e73ea4c03e669133d61a894f923 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10418" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = … | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{C8791E91-62BB-11EF-B903-D22B03723C32} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
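Every row in this table is per-session state that Internet Explorer writes while rendering any page (DOMStorage quotas for youtube.com, window placement, tab recovery, new-tab-page bookkeeping); none of it changes where the browser navigates, searches, proxies, or which zone a site lands in. Note also that `C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE` is the tab process that frame process PID 2372 launched (its `SCODEF:2372` argument under Processes names that parent), so the frame-to-tab `WriteProcessMemory` and `SetWindowsHookEx` hits are IE's own architecture rather than injection by the page. The classifier below is an added example, not part of the report or of any sandbox's code; it separates that housekeeping from the handful of IE registry paths an analyst actually needs to read. The four report rows in the sample are copied from the table above; the two `review` rows are constructed to show what a hit looks like and do not occur in this report.

```python
import re

# Strip the hive / SID prefix so patterns are written against Software\... only.
HIVE_RE = re.compile(r"^\\REGISTRY\\(USER\\S-1-5-[\d-]+|MACHINE)\\", re.IGNORECASE)

# Writes that change navigation, search, proxy or zone behaviour. Read these.
REVIEW = [
    r"Internet Explorer\\Main\\(Start Page|Default_Page_URL|Search Page|Local Page)$",
    r"Internet Explorer\\SearchScopes\\\{[0-9A-Fa-f-]+\}\\URL$",
    r"Windows\\CurrentVersion\\Internet Settings\\(ProxyServer|ProxyEnable|AutoConfigURL)$",
    r"Windows\\CurrentVersion\\Internet Settings\\Zones\\[0-4]\\",
    r"Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\",
]

# Per-session state IE writes while rendering any page (everything this report lists).
HOUSEKEEPING = [
    r"Internet Explorer\\(DOMStorage|Recovery|TabbedBrowsing|LowRegistry|InternetRegistry|"
    r"IntelliForms|Toolbar|PageSetup|Zoom|GPU|BrowserEmulation|DomainSuggestion)(\\|$)",
    r"Internet Explorer\\Main(\\(Window_Placement|FullScreen|CompatibilityFlags|WindowsSearch(\\Version)?))?$",
    r"Internet Explorer\\SearchScopes(\\DownloadRetries)?$",
]


def classify_ie_write(indicator: str) -> str:
    """Classify one Indicator cell from the 'Modifies Internet Explorer settings' table.

    Returns 'review', 'housekeeping' or 'unknown'. The value after ' = ' is
    ignored; only the key/value path drives the decision.
    """
    path = indicator.split(" = ", 1)[0].strip()
    path = HIVE_RE.sub("", path)
    if any(re.search(p, path) for p in REVIEW):
        return "review"
    if any(re.search(p, path) for p in HOUSEKEEPING):
        return "housekeeping"
    return "unknown"


def summarize(indicators):
    """Bucket a list of Indicator cells; returns {bucket: [indicator, ...]}."""
    out = {"review": [], "housekeeping": [], "unknown": []}
    for ind in indicators:
        out[classify_ie_write(ind)].append(ind)
    return out


SID = r"\REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000"
SAMPLE_INDICATORS = [
    # copied from the report
    SID + r'\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197"',
    SID + r"\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000",
    SID + r'\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{C8791E91-62BB-11EF-B903-D22B03723C32} = "0"',
    SID + r'\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"',
    # constructed: not in the report, included to show a 'review' hit
    SID + r'\Software\Microsoft\Internet Explorer\Main\Start Page = "http://example.invalid/"',
    SID + r'\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1400 = "0"',
]

if __name__ == "__main__":
    for bucket, items in summarize(SAMPLE_INDICATORS).items():
        print(bucket, len(items))
```

Paths that match neither list come back as `unknown` so that a new key is surfaced rather than silently filed as noise; the `Key opened` row for `\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language` under System Language Discovery, for instance, is not an IE setting at all and lands there.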
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2372 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2372 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2372 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2372 wrote to memory of 2748 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c055a6b97c1642c34b7088326e637a0a_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www2.smartadserver.com | udp |
| US | 8.8.8.8:53 | www.universalwwe.es | udp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | goviral.hs.llnwd.net | udp |
| US | 8.8.8.8:53 | feeds.feedburner.com | udp |
| US | 8.8.8.8:53 | www.feedburner.com | udp |
| US | 8.8.8.8:53 | us.i1.yimg.com | udp |
| US | 8.8.8.8:53 | buttons.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.bloglines.com | udp |
| US | 8.8.8.8:53 | favorites.my.aol.com | udp |
| US | 8.8.8.8:53 | www.netvibes.com | udp |
| US | 8.8.8.8:53 | www.newsgator.com | udp |
| US | 8.8.8.8:53 | widgets.bitacoras.com | udp |
| US | 8.8.8.8:53 | img233.imageshack.us | udp |
| US | 8.8.8.8:53 | static2.bitacoras.com | udp |
| US | 104.20.95.138:80 | www.statcounter.com | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| FR | 142.250.178.130:80 | pagead2.googlesyndication.com | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 104.20.95.138:80 | www.statcounter.com | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| FR | 142.250.178.130:80 | pagead2.googlesyndication.com | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| FR | 172.217.18.206:80 | feeds.feedburner.com | tcp |
| FR | 172.217.18.206:80 | feeds.feedburner.com | tcp |
| GB | 87.248.114.12:80 | us.i1.yimg.com | tcp |
| GB | 87.248.114.12:80 | us.i1.yimg.com | tcp |
| FR | 193.189.143.34:80 | www.netvibes.com | tcp |
| FR | 193.189.143.34:80 | www.netvibes.com | tcp |
| US | 15.197.148.33:80 | www.newsgator.com | tcp |
| US | 15.197.148.33:80 | www.newsgator.com | tcp |
| US | 76.223.84.192:80 | favorites.my.aol.com | tcp |
| US | 151.101.130.114:80 | www.bloglines.com | tcp |
| US | 76.223.84.192:80 | favorites.my.aol.com | tcp |
| US | 151.101.130.114:80 | www.bloglines.com | tcp |
| US | 38.99.77.17:80 | img233.imageshack.us | tcp |
| US | 38.99.77.17:80 | img233.imageshack.us | tcp |
| FR | 142.250.179.68:80 | buttons.googlesyndication.com | tcp |
| FR | 142.250.179.68:80 | buttons.googlesyndication.com | tcp |
| FR | 5.196.111.64:80 | www2.smartadserver.com | tcp |
| FR | 5.196.111.64:80 | www2.smartadserver.com | tcp |
| FR | 5.196.111.64:80 | www2.smartadserver.com | tcp |
| FR | 5.196.111.64:80 | www2.smartadserver.com | tcp |
| FR | 172.217.20.206:80 | www.feedburner.com | tcp |
| FR | 172.217.20.206:80 | www.feedburner.com | tcp |
| US | 8.8.8.8:53 | hjefyqznki.igg.biz | udp |
| US | 151.101.130.114:443 | www.bloglines.com | tcp |
| FR | 193.189.143.34:443 | www.netvibes.com | tcp |
| US | 8.8.8.8:53 | www.aol.com | udp |
| GB | 87.248.114.12:443 | www.aol.com | tcp |
| GB | 87.248.114.12:443 | www.aol.com | tcp |
| FR | 193.189.143.34:443 | www.netvibes.com | tcp |
| FR | 193.189.143.34:443 | www.netvibes.com | tcp |
| FR | 193.189.143.34:443 | www.netvibes.com | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 8.8.8.8:53 | www.aol.co.uk | udp |
| GB | 87.248.114.12:443 | www.aol.co.uk | tcp |
| GB | 87.248.114.12:443 | www.aol.co.uk | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 151.101.130.114:443 | www.bloglines.com | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| GB | 2.18.190.80:80 | crl.microsoft.com | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | www.codigobarras.com | udp |
| US | 104.20.94.138:443 | c.statcounter.com | tcp |
| US | 104.20.94.138:443 | c.statcounter.com | tcp |
| US | 8.8.8.8:53 | app.xclk-integracion.com | udp |
| ES | 62.97.140.11:80 | www.codigobarras.com | tcp |
| ES | 62.97.140.11:80 | www.codigobarras.com | tcp |
| ES | 62.97.140.11:80 | www.codigobarras.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 8.8.8.8:53 | stc.xclk-integracion.com | udp |
| DE | 157.240.27.35:80 | www.facebook.com | tcp |
| DE | 157.240.27.35:80 | www.facebook.com | tcp |
| DE | 157.240.27.35:80 | www.facebook.com | tcp |
| DE | 157.240.27.35:80 | www.facebook.com | tcp |
| DE | 157.240.27.35:80 | www.facebook.com | tcp |
| DE | 157.240.27.35:80 | www.facebook.com | tcp |
| FR | 142.250.178.142:80 | www.youtube.com | tcp |
| FR | 142.250.178.142:80 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| FR | 142.250.178.142:443 | www.youtube.com | tcp |
| FR | 142.250.178.142:443 | www.youtube.com | tcp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| FR | 216.58.214.163:80 | c.pki.goog | tcp |
| FR | 216.58.214.163:80 | c.pki.goog | tcp |
| FR | 216.58.214.163:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| FR | 216.58.214.163:80 | o.pki.goog | tcp |
| FR | 216.58.214.163:80 | o.pki.goog | tcp |
| FR | 216.58.214.163:80 | o.pki.goog | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| FR | 142.250.178.142:443 | www.youtube.com | tcp |
| FR | 142.250.178.142:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | tcp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| FR | 216.58.214.166:443 | static.doubleclick.net | tcp |
| FR | 216.58.214.166:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| FR | 142.250.179.106:443 | jnn-pa.googleapis.com | tcp |
| FR | 142.250.179.106:443 | jnn-pa.googleapis.com | tcp |
| US | 104.20.94.138:443 | c.statcounter.com | tcp |
| US | 104.20.94.138:443 | c.statcounter.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
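The Network table lists every DNS query and TCP connection the sandbox saw, but the useful signal is in the cross-reference: names the page asked for and never connected to, connections whose lookup is missing, and which hosts were fetched over cleartext HTTP. The script below is an added example, not part of the report or of any sandbox's code. Its sample rows are a subset copied from the table above, chosen so each bucket is non-empty; running `triage(parse_rows(...))` over the full table gives the same kind of output.

```python
from collections import defaultdict

# Subset of rows copied from the report's Network table.
SAMPLE_ROWS = """\
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.universalwwe.es | udp |
| US | 8.8.8.8:53 | goviral.hs.llnwd.net | udp |
| US | 8.8.8.8:53 | hjefyqznki.igg.biz | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| FR | 142.250.178.130:80 | pagead2.googlesyndication.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| GB | 2.18.190.80:80 | crl.microsoft.com | tcp |
"""


def parse_rows(table: str):
    """Turn the report's pipe table into dicts; skips the header and blank lines."""
    rows = []
    for line in table.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 4 or cells[0] == "Country":
            continue
        country, dest, domain, proto = cells
        ip, _, port = dest.rpartition(":")
        rows.append({"country": country, "ip": ip, "port": int(port),
                     "domain": domain, "proto": proto.lower()})
    return rows


def triage(rows):
    """Cross-reference DNS queries against TCP connections.

    dns_only:            names queried but never connected to (NXDOMAIN,
                         blocked, or a referenced resource never fetched)
    connect_without_dns: connections whose lookup is not in the capture
                         (resolved before capture started, or served from cache)
    cleartext_http:      names reached on port 80, i.e. content an on-path
                         attacker could have altered
    endpoints:           every (ip, port) seen per name
    """
    queried = {r["domain"] for r in rows if r["proto"] == "udp" and r["port"] == 53}
    endpoints = defaultdict(set)
    for r in rows:
        if r["proto"] == "tcp":
            endpoints[r["domain"]].add((r["ip"], r["port"]))
    connected = set(endpoints)
    return {
        "dns_only": sorted(queried - connected),
        "connect_without_dns": sorted(connected - queried),
        "cleartext_http": sorted(d for d, eps in endpoints.items()
                                 if any(p == 80 for _, p in eps)),
        "endpoints": {d: sorted(eps) for d, eps in endpoints.items()},
    }


if __name__ == "__main__":
    for key, val in triage(parse_rows(SAMPLE_ROWS)).items():
        print(key, val)
```

Applied to the complete table, the `dns_only` bucket is `goviral.hs.llnwd.net`, `widgets.bitacoras.com`, `static2.bitacoras.com`, `hjefyqznki.igg.biz`, `app.xclk-integracion.com`, `stc.xclk-integracion.com` and `www.microsoft.com`, and `connect_without_dns` is `pagead2.googlesyndication.com` and `ieonline.microsoft.com`. The random-looking `hjefyqznki.igg.biz` label is the one entry in that list worth a second look; the report shows the query but no answer or connection, so on this evidence it is a lookup, not a contact.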
Files
C:\Users\Admin\AppData\Local\Temp\Cab1B9C.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar1C0E.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0189513a039344e4ffcdb335d56a9d3a |
| SHA1 | bfe9e29de3efc8cac724353c2cc49e7b449cc9db |
| SHA256 | 62544d00d74d83ee2aa65946bb638ef89d3fe28aee39b5d8abb210f6f229b168 |
| SHA512 | ce7b9e1b5e1282a20c253c30229fab7f24218c1e33e4c822b233c9bde73722f7c147cd04d66d4e11b7e25a303e63b209c412a0b9885d029a6b6f8d3a75f60a63 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d4012f677750db99c06a49199815f4b8 |
| SHA1 | c96ba1a952a7c7221d3437a58ceaf8420c2fac2d |
| SHA256 | 9b09d8a7ecbb48c2ece36234e2ea5565d396ae507e179effb4543394346aae85 |
| SHA512 | eb69bd9bb562a7ea61a1a01fc3449e9bb2119b300ae8470a04df5990b983a81b7641708bab1c64ca004cba466f4c8b03f75d7686ea6bf54524cc695749ed3489 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | 87e368fd6a69ac8a45f3de7f4f007774 |
| SHA1 | 292cd5e694d8fbc3e33ad08cf5c566c885679395 |
| SHA256 | c240009635919df42531fb1b4576bf8bcfe5e012aa9ab0ff3bda3509404210e7 |
| SHA512 | 474869bda2e52f475e3df7be2447ad1486e6c6524b06fce74931c74b7b6ae49428b42a541d9c59cb55d791a51bd2490c0a0bfe40c0daadf03ded1d91bd255104 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | c5dfb849ca051355ee2dba1ac33eb028 |
| SHA1 | d69b561148f01c77c54578c10926df5b856976ad |
| SHA256 | cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b |
| SHA512 | 88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\print[1].htm
| MD5 | 5d8d79c3cb9af023240b1be6f5057aaa |
| SHA1 | df22980677b134e83d878893f7c7984e0d78a240 |
| SHA256 | e8b101a7c7f64aad528cc734513cbeb02243c0af37930dc0f3239749cff184b6 |
| SHA512 | 66f432b622cee0bcc06cbc0f833de1471ea36c295b4cd93eb848d97e69c2252acd2fc8972db51ea35475a424f4d6cb5001325525fb04f71b8704eb24de1c4008 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dfb012f3360bcd898ba0d8db79bb6356 |
| SHA1 | 6fedf73adb46cc6f4a878d7f52116d5ddeac2937 |
| SHA256 | e76126c7368dd39da66033d130603652ab273317dc3872a4213a85b3083ad7ac |
| SHA512 | 8cc7cf463900e05464dd86d6ec489a0e62bb28cff5f2b03acbbd70a40c229513fe00e7a73fa1e2d2542c1ce7d0c628db039c73541c4b50284975c16e68789424 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 09eb835ca5ee242c33ad1d38e0f7158b |
| SHA1 | 6265999d45635408d4e473246275306d83ac7902 |
| SHA256 | e27b0c7fdee87ef38eeef8d517de7e8ffe4a5d01c53ea9255b5a84e129f407c2 |
| SHA512 | fa5d0e70c2b7968e3e2a4fc7f93ee9d337406d970eec0f6d03156a8774966547b52e8dc259ae544be31d14e22bba1af51bfa6c098a8e5702e7d1d2c88bfe40cf |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X761FPIN\f[1].txt
| MD5 | 35e751e9ad4488fdb799ff2ee5c05093 |
| SHA1 | bb6660f96662615a468de0e613e2ce703730877e |
| SHA256 | 120541cf1ce005e98991acf361a6f8d344952c46ac18aeb2edba61f3dc3cfe74 |
| SHA512 | e1cf23aa3fa90aa6555b3176f262aa79fdd2a8b9119f579d45da012f61a9f32b5993c1fbefb715bdcbe3ec8563d93c239fd623b58a46070dc4e90937fcb31914 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a760c0a77acd37ee6a11c5785dddf703 |
| SHA1 | 0762418a09d188fc05f2696e5015a7c0fe6e1a1e |
| SHA256 | 9685f05e769470c3a3ebfb5c54fe8462f778c4c4b4c5347ba50c5b2fddf4f1fa |
| SHA512 | 81ce15788d214acea4877d23c5034e176585c24658b0e594ded4788462d45f493c413da45b0acf7e524679204d6052f5383781d2bb596d2260e8ba2a51827f62 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\counter[1].js
| MD5 | b5af8efecbad3bca820a36e59dde6817 |
| SHA1 | 59995d077486017c84d475206eba1d5e909800b1 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-25 08:26
Reported
2024-08-25 08:29
Platform
win10v2004-20240802-en
Max time kernel
137s
Max time network
152s
Command Line
Signatures
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://jira.ops.aol.com/secure/attachment/688199/failwhale.html | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c055a6b97c1642c34b7088326e637a0a_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff968a046f8,0x7ff968a04708,0x7ff968a04718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1260 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1260 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,3408856307478649094,6810524129574468160,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5404 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hjefyqznki.igg.biz | udp |
| US | 8.8.8.8:53 | www.universalwwe.es | udp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | www2.smartadserver.com | udp |
| US | 8.8.8.8:53 | goviral.hs.llnwd.net | udp |
| US | 8.8.8.8:53 | feeds.feedburner.com | udp |
| US | 8.8.8.8:53 | www.feedburner.com | udp |
| US | 8.8.8.8:53 | us.i1.yimg.com | udp |
| US | 104.20.94.138:80 | www.statcounter.com | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| US | 162.0.209.115:80 | www.universalwwe.es | tcp |
| GB | 87.248.114.11:80 | us.i1.yimg.com | tcp |
| FR | 142.250.75.226:80 | pagead2.googlesyndication.com | tcp |
| FR | 172.217.20.206:80 | www.feedburner.com | tcp |
| FR | 51.178.195.208:80 | www2.smartadserver.com | tcp |
| FR | 51.178.195.208:80 | www2.smartadserver.com | tcp |
| FR | 51.178.195.208:80 | www2.smartadserver.com | tcp |
| FR | 51.178.195.208:80 | www2.smartadserver.com | tcp |
| US | 8.8.8.8:53 | buttons.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.bloglines.com | udp |
| FR | 172.217.18.206:80 | feeds.feedburner.com | tcp |
| US | 151.101.66.114:80 | www.bloglines.com | tcp |
| FR | 142.250.179.68:80 | buttons.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | favorites.my.aol.com | udp |
| US | 8.8.8.8:53 | www.newsgator.com | udp |
| US | 8.8.8.8:53 | www.netvibes.com | udp |
| US | 8.8.8.8:53 | img233.imageshack.us | udp |
| US | 8.8.8.8:53 | widgets.bitacoras.com | udp |
| US | 8.8.8.8:53 | static2.bitacoras.com | udp |
| US | 76.223.84.192:80 | favorites.my.aol.com | tcp |
| US | 151.101.66.114:443 | www.bloglines.com | tcp |
| US | 3.33.130.190:80 | www.newsgator.com | tcp |
| FR | 193.189.143.34:80 | www.netvibes.com | tcp |
| US | 38.99.77.16:80 | img233.imageshack.us | tcp |
| FR | 193.189.143.34:443 | www.netvibes.com | tcp |
| US | 8.8.8.8:53 | www.aol.com | udp |
| GB | 87.248.114.11:443 | www.aol.com | tcp |
| US | 8.8.8.8:53 | www.aol.co.uk | udp |
| GB | 87.248.114.12:443 | www.aol.co.uk | tcp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.94.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.84.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.143.189.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.130.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.209.0.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.77.99.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 162.0.209.115:443 | www.universalwwe.es | tcp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.codigobarras.com | udp |
| ES | 62.97.140.11:80 | www.codigobarras.com | tcp |
| ES | 62.97.140.11:80 | www.codigobarras.com | tcp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | app.xclk-integracion.com | udp |
| US | 104.20.95.138:443 | c.statcounter.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| ES | 62.97.140.11:80 | www.codigobarras.com | tcp |
| FR | 172.217.20.206:80 | www.youtube.com | tcp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| FR | 172.217.20.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | stc.xclk-integracion.com | udp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| GB | 163.70.147.35:80 | www.facebook.com | tcp |
| FR | 172.217.20.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 11.140.97.62.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.95.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| FR | 142.250.201.182:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| FR | 216.58.214.166:443 | static.doubleclick.net | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| FR | 142.250.178.138:443 | jnn-pa.googleapis.com | tcp |
| FR | 142.250.178.138:443 | jnn-pa.googleapis.com | tcp |
| FR | 142.250.178.138:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 166.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 142.250.75.238:443 | play.google.com | tcp |
| FR | 142.250.75.238:443 | play.google.com | tcp |
| FR | 142.250.75.238:443 | play.google.com | tcp |
| FR | 142.250.75.238:443 | play.google.com | tcp |
| FR | 142.250.75.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 238.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | | udp |
| FR | 142.250.75.238:443 | play.google.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 719923124ee00fb57378e0ebcbe894f7 |
| SHA1 | cc356a7d27b8b27dc33f21bd4990f286ee13a9f9 |
| SHA256 | aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808 |
| SHA512 | a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc |
\??\pipe\LOCAL\crashpad_3960_FJDAVIYMMXHIBEPR
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d7114a6cd851f9bf56cf771c37d664a2 |
| SHA1 | 769c5d04fd83e583f15ab1ef659de8f883ecab8a |
| SHA256 | d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e |
| SHA512 | 33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\749d0d19-5b48-446e-a3fc-fefc5ca9589e.tmp
| MD5 | 16d859076f9cc9f7aefe9342de741f8a |
| SHA1 | 2f360d824ad4e6e02177f52d1fd8081e69ba3847 |
| SHA256 | 9279f624a7f8d34e2b3ed6e7010bf0cc2faeac7b1991d333f669ea244b5d5aa7 |
| SHA512 | af9c9b54840caebe7ee9c3960809cddb55a5ff8386ce2f25fc4428547a0930da1b112a7f6c23c0a7a6ff4047bd02b32d4d2ab3731e626ac741fc81ec5dd9c5f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f1c93838d0af4f604cd57cc7daa94780 |
| SHA1 | 2b5aa1790de58b4e0bb98f8becd47ce7548486ad |
| SHA256 | f4ffab8129de1ed8659b20745d84420f2bb8eb00d20d7ced09c907726c4a254e |
| SHA512 | fd54baf1b5a73dfbf61f70fe0328be7fd479be1f07a649844ff70f85235771438fa6597734a258464b23e951177a1d5c5eed022f001adf07f31bb5e9bbe72164 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8f9e5e77bcbb965e0d4b330438467a3a |
| SHA1 | d42bc9ad04546fcf190c61a17ba8eae20cee384c |
| SHA256 | c361145cde9fe6117ac346c5fbe15d76beefba737cd1bc0e0a5ea9a32c88312a |
| SHA512 | 60a563c77c9788a1fe7b86e3fbd3ecbc58298281b4ec8007eacb53334cefea9c5d445746fd39db2605c6a3cb7d8a43c4989a3a06f7cfe323334458ab28f085a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a7936868202f47bc8f176c4daaf720d9 |
| SHA1 | 8397ffc1aaea68bb54757f11db76bf9205f5f58a |
| SHA256 | 5f804cb7dae0698fc4a9d8004cda99e9d5966911aa06ccce7a601943e2d5bbe0 |
| SHA512 | 283607df92717ff555014df11b4af209aa5c3b12bd3d7874639b4fd29c7186757cb80c68a58a6f60ddcdb34064edfd78303bd9d9bfa84c36ae00a54b27bd11e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | da932bfd29d07e736c30681fb0719cb7 |
| SHA1 | 15e70656c83547d21dcf1d97ec9be55b95c7ce9c |
| SHA256 | 50ce84ae7022313cc68063d4e46bb98f85da5e3414fa40bd585f4716e78869e4 |
| SHA512 | 934a5d38fdbf6733abdbe1cb917c4b8ef37bb42d7fe4af5c844b5536ae46c77da96ce591345c0e41e5f15ae5fba5b3b1ce24d29b4775fabd8d6db1e0626ef98c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 16ba2faf46fd04c719203a771ea4c7d6 |
| SHA1 | 34b54eebb97feecf5742bdb4efbc7f446e69e8b0 |
| SHA256 | 813361f601a4baea0e458e6f54f35828c8b52c920cc619a1625d063e2af18826 |
| SHA512 | 869fa53e82cc47791f2ef9c888676fd2afd532e05fbc740434c3c7efcffbc8c7da71cf174550c2444af3db5aa57e5a5e4a0da4711539a63edc4e3d1f3c6c2b35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58f5a6.TMP
| MD5 | dd0c357ad5fa2b3f29c4083f621e136d |
| SHA1 | e6f87f41c01546d91d3166869bbaa2fec4cf160f |
| SHA256 | 134f942235179e14c2b6bcce783030e199c0c2fcbf9105764f38ad0f399a3c58 |
| SHA512 | 397b445a4867137bccf09d46d22d7f49ab8cd305acafd09c3918f34f37acfc1627c19798fb2278ae5b00835a7d80ac08c4afeeeb7d3f8bc46fb38326d5002b5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2414b9f60404e963131203aa86818703 |
| SHA1 | 42bea2d0c8de015b5c6d425d211cfc5944efd6d0 |
| SHA256 | 54efb4cdbe24e469d137e9e4f0455d82b9602164b2b0c88e0a0afdad0440caa0 |
| SHA512 | 5df8398718fd4065f4d19dd6c274a7bff131e4e44c93bf91ced8e03b00644b077d18edcf9b11a8311cad357131a42fa55c54955bcc77367f0364003dfdefd961 |