Malware Analysis Report

2024-10-23 17:22

Sample ID 240827-zf69ms1bje
Target c5b42657073751f8df878baf91b9937e_JaffaCakes118
SHA256 5efb24493d71174c172530439e6814b128c80404e2181d3350526f253c6118a8
Tags socgholish discovery downloader
Score 10/10

Analysis Overview

Score 10/10

SHA256 5efb24493d71174c172530439e6814b128c80404e2181d3350526f253c6118a8

Threat Level: Known bad

The file c5b42657073751f8df878baf91b9937e_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

socgholish discovery downloader

SocGholish

System Location Discovery: System Language Discovery

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-08-27 20:40

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-08-27 20:40
Reported 2024-08-27 20:43
Platform win7-20240708-en
Max time kernel 121s
Max time network 148s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c5b42657073751f8df878baf91b9937e_JaffaCakes118.html

Signatures

SocGholish

downloader socgholish

System Location Discovery: System Language Discovery

discovery
Description Key opened
Indicator \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Target N/A

Modifies Internet Explorer settings

adware spyware

Suspicious use of FindShellTrayWindow

Description N/A
Indicator N/A
Process C:\Program Files\Internet Explorer\iexplore.exe
Target N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c5b42657073751f8df878baf91b9937e_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted 2024-08-27 20:40
Reported 2024-08-27 20:43
Platform win10v2004-20240802-en
Max time kernel 128s
Max time network 140s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c5b42657073751f8df878baf91b9937e_JaffaCakes118.html

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c5b42657073751f8df878baf91b9937e_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3880,i,16315016104747277319,5510969007830467313,262144 --variations-seed-version --mojo-platform-channel-handle=4364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=5024,i,16315016104747277319,5510969007830467313,262144 --variations-seed-version --mojo-platform-channel-handle=5148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5408,i,16315016104747277319,5510969007830467313,262144 --variations-seed-version --mojo-platform-channel-handle=5436 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5400,i,16315016104747277319,5510969007830467313,262144 --variations-seed-version --mojo-platform-channel-handle=5492 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5608,i,16315016104747277319,5510969007830467313,262144 --variations-seed-version --mojo-platform-channel-handle=5592 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5616,i,16315016104747277319,5510969007830467313,262144 --variations-seed-version --mojo-platform-channel-handle=5976 /prefetch:8

Network


Files

N/A