Analysis Overview
Threat Level: Likely benign
The URL https://t.co/TIPXfxukQw was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-10 01:13
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-10 01:13
Reported
2024-11-10 01:16
Platform
win10v2004-20241007-en
Max time kernel
145s
Max time network
147s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-493223053-2004649691-1575712786-1000\{EFA36220-4F58-4D3F-8289-71FDF962B387} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://t.co/TIPXfxukQw
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8658546f8,0x7ff865854708,0x7ff865854718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5588 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5572 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3184 /prefetch:2
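Every "suspicious" signature above (process enumeration, WriteProcessMemory, FindShellTrayWindow, SendNotifyMessage) is what a multi-process Chromium browser does while spawning and wiring up its children, and the NtCreateUserProcessBlockNonMicrosoftBinary signature is consistent with the process-creation mitigation that blocks non-Microsoft-signed DLLs from loading into a child, a hardening measure the browser applies to its own processes rather than an attack. The triage question the process list actually answers is which children ran outside a sandbox. The helper below is an added example, not part of the sandbox report or of Edge: it parses Chromium-style command lines (generic `--key=value` switch syntax) into process type, utility sub-type and sandbox policy, and lists the children that declared `--service-sandbox-type=none` or switched a sandbox off. The sample command lines are a constructed subset copied from the list above (the long `--gpu-preferences` blob dropped from the last one).

```python
"""Added triage helper, not part of the sandbox report.

Parses Chromium-style command lines like the ones in the process list above
into process type, utility sub-type and sandbox policy, then reports the
children that ran with no sandbox or with one switched off. The sample
command lines are a constructed subset copied from the report; the parsing
is generic Chromium switch syntax ("--key=value", bare "--flag").
"""
import re
from typing import Dict, List

# Constructed sample: five command lines copied from the process list above
# (the --gpu-preferences blob was removed from the gpu-process line).
SAMPLE_CMDLINES = [
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://t.co/TIPXfxukQw',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --mojo-platform-channel-handle=3184 /prefetch:2',
]

_TOKEN = re.compile(r'"[^"]*"|\S+')


def tokenize(cmdline: str) -> List[str]:
    """Split on whitespace, keeping double-quoted runs intact (quotes removed)."""
    return [t.strip('"') for t in _TOKEN.findall(cmdline)]


def parse_cmdline(cmdline: str) -> Dict[str, object]:
    """Return exe basename, role (type/sub-type), switch map and positional args."""
    toks = tokenize(cmdline)
    switches: Dict[str, str] = {}
    positional: List[str] = []
    for tok in toks[1:]:
        if tok.startswith("--"):
            key, _, value = tok[2:].partition("=")
            switches[key] = value            # bare switches map to ""
        else:
            positional.append(tok)           # e.g. the URL or /prefetch:N
    ptype = switches.get("type", "browser")  # no --type means the parent browser process
    sub = switches.get("utility-sub-type", "")
    return {
        "exe": toks[0].rsplit("\\", 1)[-1],
        "role": f"{ptype}/{sub}" if sub else ptype,
        "switches": switches,
        "positional": positional,
    }


# Switches that mean a child ran with weaker or no OS-level isolation.
_WEAK_SANDBOX = {
    "no-sandbox": "all sandboxing disabled",
    "disable-gpu-sandbox": "GPU process sandbox disabled",
}


def sandbox_findings(cmdline: str) -> List[str]:
    """Human-readable reasons this process is outside (part of) the sandbox."""
    sw = parse_cmdline(cmdline)["switches"]
    findings = [msg for key, msg in _WEAK_SANDBOX.items() if key in sw]
    if sw.get("service-sandbox-type") == "none":
        findings.append("utility service declared service-sandbox-type=none")
    return findings


def review(cmdlines: List[str]) -> List[Dict[str, object]]:
    """One row per process that declared a weakened or absent sandbox."""
    rows = []
    for cmd in cmdlines:
        findings = sandbox_findings(cmd)
        if findings:
            parsed = parse_cmdline(cmd)
            rows.append({"exe": parsed["exe"], "role": parsed["role"], "findings": findings})
    return rows


if __name__ == "__main__":
    for row in review(SAMPLE_CMDLINES):
        print(f'{row["exe"]:<20} {row["role"]:<45} {"; ".join(row["findings"])}')
```

On the sample this reports the network service and both identity_helper instances (`--service-sandbox-type=none`) and the second GPU process (`--disable-gpu-sandbox`); the renderers, which carry `--no-v8-untrusted-code-mitigations` but no sandbox-disabling switch, are not listed. Those unsandboxed children are the ones whose network and file activity deserves a second look in a report that is not a clean baseline.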
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 172.66.0.227:443 | t.co | tcp |
| US | 8.8.8.8:53 | s.lazada.com.ph | udp |
| SG | 47.246.165.237:443 | s.lazada.com.ph | tcp |
| SG | 47.246.165.237:443 | s.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.0.66.172.in-addr.arpa | udp |
| SG | 47.246.165.237:443 | s.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | laz-img-cdn.alicdn.com | udp |
| US | 8.8.8.8:53 | 237.165.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.lazada.com.ph | udp |
| GB | 169.197.114.140:443 | laz-img-cdn.alicdn.com | tcp |
| US | 8.8.8.8:53 | www.lazada.com.ph | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.114.197.169.in-addr.arpa | udp |
| GB | 163.181.154.242:443 | www.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | laz-g-cdn.alicdn.com | udp |
| US | 8.8.8.8:53 | acs-m.lazada.com.ph | udp |
| US | 8.8.8.8:53 | cart.lazada.com.ph | udp |
| US | 8.8.8.8:53 | img.lazcdn.com | udp |
| US | 8.8.8.8:53 | g.lazcdn.com | udp |
| US | 8.8.8.8:53 | aeis.alicdn.com | udp |
| US | 8.8.8.8:53 | g.alicdn.com | udp |
| GB | 104.82.235.52:443 | aeis.alicdn.com | tcp |
| SG | 47.246.165.113:443 | cart.lazada.com.ph | tcp |
| GB | 79.133.176.234:443 | g.alicdn.com | tcp |
| SG | 47.246.174.203:443 | acs-m.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | aeu.alicdn.com | udp |
| US | 8.8.8.8:53 | arms-retcode-sg.aliyuncs.com | udp |
| US | 8.8.8.8:53 | 242.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.235.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.165.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.alicdn.com | udp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| US | 8.8.8.8:53 | img.lazcdn.comt | udp |
| US | 8.8.8.8:53 | px-intl.ucweb.com | udp |
| US | 8.8.8.8:53 | sg.mmstat.com | udp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| US | 157.185.188.1:443 | px-intl.ucweb.com | tcp |
| GB | 169.197.114.140:443 | g.lazcdn.com | tcp |
| SG | 8.222.203.130:443 | arms-retcode-sg.aliyuncs.com | tcp |
| GB | 104.82.235.52:443 | assets.alicdn.com | tcp |
| GB | 104.82.235.52:443 | assets.alicdn.com | tcp |
| GB | 223.121.13.21:443 | img.lazcdn.com | tcp |
| GB | 223.121.13.21:443 | img.lazcdn.com | tcp |
| GB | 223.121.13.21:443 | img.lazcdn.com | tcp |
| GB | 223.121.13.21:443 | img.lazcdn.com | tcp |
| GB | 223.121.13.21:443 | img.lazcdn.com | tcp |
| GB | 223.121.13.21:443 | img.lazcdn.com | tcp |
| US | 8.8.8.8:53 | member.lazada.com.ph | udp |
| SG | 47.246.165.219:443 | member.lazada.com.ph | tcp |
| SG | 47.246.165.120:443 | sg.mmstat.com | tcp |
| SG | 47.246.165.219:443 | member.lazada.com.ph | tcp |
| GB | 79.133.176.234:443 | g.alicdn.com | tcp |
| SG | 47.246.165.113:443 | cart.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | 203.174.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.203.222.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.188.185.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.13.121.223.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.165.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.165.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fourier.taobao.com | udp |
| US | 8.8.8.8:53 | bdc.alibabachengdun.com | udp |
| US | 8.8.8.8:53 | lab-js-abtest.lazada.com | udp |
| CN | 123.183.232.65:443 | bdc.alibabachengdun.com | tcp |
| CN | 123.183.232.65:443 | bdc.alibabachengdun.com | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| SG | 47.246.174.203:443 | acs-m.lazada.com.ph | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| GB | 169.197.114.140:443 | lab-js-abtest.lazada.com | tcp |
| GB | 223.121.13.32:443 | lab-js-abtest.lazada.com | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| US | 8.8.8.8:53 | as.alipayobjects.com | udp |
| GB | 223.121.13.32:443 | lab-js-abtest.lazada.com | tcp |
| GB | 163.181.154.242:443 | www.lazada.com.ph | udp |
| GB | 79.133.176.138:443 | as.alipayobjects.com | tcp |
| SG | 47.246.165.219:443 | member.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | ase.aliexpress.com | udp |
| US | 8.8.8.8:53 | o.alicdn.com | udp |
| US | 8.8.8.8:53 | umlazada.alibaba.com | udp |
| DE | 47.246.146.12:443 | ase.aliexpress.com | tcp |
| US | 8.8.8.8:53 | tpsservice-files-inner.cn-hangzhou.oss-cdn.aliyun-inc.com | udp |
| US | 8.8.8.8:53 | ajkq6u.tdum.alibaba.com | udp |
| US | 8.8.8.8:53 | ynuf.aliapp.org | udp |
| US | 8.8.8.8:53 | itscenter.alipay.com | udp |
| CN | 124.239.14.252:443 | ynuf.aliapp.org | tcp |
| CN | 203.119.157.14:443 | tpsservice-files-inner.cn-hangzhou.oss-cdn.aliyun-inc.com | tcp |
| US | 47.235.16.231:443 | itscenter.alipay.com | tcp |
| DE | 47.246.146.12:443 | ase.aliexpress.com | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| US | 157.185.188.1:443 | px-intl.ucweb.com | tcp |
| CN | 203.119.157.14:443 | tpsservice-files-inner.cn-hangzhou.oss-cdn.aliyun-inc.com | tcp |
| CN | 124.239.14.252:443 | ynuf.aliapp.org | tcp |
| DE | 47.246.146.192:443 | ajkq6u.tdum.alibaba.com | tcp |
| SG | 47.246.165.212:443 | umlazada.alibaba.com | tcp |
| US | 157.185.188.1:443 | px-intl.ucweb.com | tcp |
| US | 8.8.8.8:53 | 32.13.121.223.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.146.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.16.235.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.246.47.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | my.lazada.com.ph | udp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| US | 8.8.8.8:53 | sg-wum.alibaba.com | udp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| SG | 47.246.165.123:443 | sg-wum.alibaba.com | tcp |
| US | 8.8.8.8:53 | 212.165.246.47.in-addr.arpa | udp |
| SG | 47.246.165.123:443 | sg-wum.alibaba.com | tcp |
| US | 8.8.8.8:53 | time-ak.alicdn.com | udp |
| SG | 47.246.167.87:443 | my.lazada.com.ph | tcp |
| SG | 47.246.167.87:443 | my.lazada.com.ph | tcp |
| SG | 47.246.167.87:443 | my.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | 123.165.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.167.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| CN | 123.183.232.1:443 | bdc.alibabachengdun.com | tcp |
| CN | 123.183.232.1:443 | bdc.alibabachengdun.com | tcp |
| CN | 124.239.14.253:443 | ynuf.aliapp.org | tcp |
| CN | 124.239.14.253:443 | ynuf.aliapp.org | tcp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gm.mmstat.com | udp |
| CN | 59.82.33.226:443 | gm.mmstat.com | tcp |
| CN | 59.82.33.226:443 | gm.mmstat.com | tcp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lzd-img-global.slatic.net | udp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| CN | 123.183.232.65:443 | bdc.alibabachengdun.com | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| GB | 143.244.38.1:443 | lzd-img-global.slatic.net | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| CN | 123.183.232.34:443 | fourier.taobao.com | tcp |
| CN | 123.183.232.65:443 | bdc.alibabachengdun.com | tcp |
| US | 8.8.8.8:53 | 1.38.244.143.in-addr.arpa | udp |
| CN | 123.183.232.1:443 | bdc.alibabachengdun.com | tcp |
| CN | 123.183.232.1:443 | bdc.alibabachengdun.com | tcp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| CN | 59.82.33.226:443 | gm.mmstat.com | tcp |
| CN | 59.82.33.226:443 | gm.mmstat.com | tcp |
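Read in order, the table is a redirect chain: the t.co short link resolves and connects first, then s.lazada.com.ph, then the Lazada and Alibaba CDN, tracking and session hosts the landing page pulls in. The many `in-addr.arpa` rows are reverse lookups of addresses the guest had just connected to, which the sandbox host performs for display and which are not activity of the sample. The helper below is an added example, not part of the sandbox report: it parses rows in the four-column layout above, records the order in which names were resolved, maps each PTR query back to the address it describes and checks whether that address is one of the peers, and lists names that were queried but never connected to (on the full table that set includes `img.lazcdn.comt`, a lookup that produced no connection). The rows embedded in it are a constructed subset copied from the table.

```python
"""Added triage helper, not part of the sandbox report.

Turns rows of the network table above into (a) the order in which names were
resolved, (b) reverse (PTR) lookups mapped back to the address they describe,
(c) names queried but never connected to, and (d) the deduplicated endpoint
set. The rows are a constructed subset copied from the table; the parser
assumes the four-column "| Country | Destination | Domain | Proto |" layout.
"""
from typing import Dict, List, Set, Tuple

# Constructed sample: rows copied from the network table above (two PTR rows,
# the mDNS row and the start of the t.co -> lazada redirect chain).
SAMPLE_ROWS = """
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 172.66.0.227:443 | t.co | tcp |
| US | 8.8.8.8:53 | s.lazada.com.ph | udp |
| SG | 47.246.165.237:443 | s.lazada.com.ph | tcp |
| SG | 47.246.165.237:443 | s.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | 227.0.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.lazada.com.ph | udp |
| GB | 163.181.154.242:443 | www.lazada.com.ph | tcp |
| US | 8.8.8.8:53 | img.lazcdn.com | udp |
| US | 8.8.8.8:53 | img.lazcdn.comt | udp |
| GB | 223.121.13.21:443 | img.lazcdn.com | tcp |
| GB | 163.181.154.242:443 | www.lazada.com.ph | udp |
| N/A | 224.0.0.251:5353 | | udp |
"""


def parse_rows(table: str) -> List[Dict[str, object]]:
    """Parse pipe-delimited rows; the header row and malformed rows are skipped."""
    rows: List[Dict[str, object]] = []
    for line in table.strip().splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 4 or cells[0] == "Country":
            continue
        ip, _, port = cells[1].rpartition(":")
        rows.append({"country": cells[0], "ip": ip, "port": int(port),
                     "domain": cells[2], "proto": cells[3]})
    return rows


def ptr_target(name: str) -> str:
    """'227.0.66.172.in-addr.arpa' -> '172.66.0.227' (PTR names reverse the octets)."""
    octets = name[: -len(".in-addr.arpa")].split(".")
    return ".".join(reversed(octets))


def classify(row: Dict[str, object]) -> str:
    """dns (forward lookup), ptr (reverse lookup), mdns, or conn (anything else)."""
    if row["port"] == 53 and row["proto"] == "udp":
        return "ptr" if str(row["domain"]).endswith(".in-addr.arpa") else "dns"
    if row["port"] == 5353:
        return "mdns"
    return "conn"  # includes 443/udp, i.e. QUIC


def summarize(table: str) -> Dict[str, object]:
    lookup_order: List[str] = []
    ptr_for: Dict[str, str] = {}
    endpoints: Set[Tuple[str, str, str]] = set()
    for r in parse_rows(table):
        kind = classify(r)
        if kind == "dns" and r["domain"] not in lookup_order:
            lookup_order.append(str(r["domain"]))
        elif kind == "ptr":
            ptr_for[str(r["domain"])] = ptr_target(str(r["domain"]))
        elif kind == "conn":
            endpoints.add((str(r["domain"]), f'{r["ip"]}:{r["port"]}', str(r["proto"])))
    connected = {d for d, _, _ in endpoints}
    peer_ips = {dest.rsplit(":", 1)[0] for _, dest, _ in endpoints}
    return {
        "lookup_order": lookup_order,
        "ptr_lookups": ptr_for,
        # PTR queries for our own peers are host-side noise, not sample activity
        "ptr_of_peers": sorted(ip for ip in ptr_for.values() if ip in peer_ips),
        "never_connected": sorted(set(lookup_order) - connected),
        "endpoints": sorted(endpoints),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_ROWS).items():
        print(f"{key}: {value}")
```

On the sample, `never_connected` is `['img.lazcdn.comt']` and `ptr_of_peers` is `['172.66.0.227']` (the t.co address), while the PTR query for 8.8.8.8 is the resolver itself and is left out of that list.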
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 37f660dd4b6ddf23bc37f5c823d1c33a |
| SHA1 | 1c35538aa307a3e09d15519df6ace99674ae428b |
| SHA256 | 4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8 |
| SHA512 | 807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d |
\??\pipe\LOCAL\crashpad_316_UYGQZFGQZJTECWGC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d7cb450b1315c63b1d5d89d98ba22da5 |
| SHA1 | 694005cd9e1a4c54e0b83d0598a8a0c089df1556 |
| SHA256 | 38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031 |
| SHA512 | df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 350063adb1c3897d07270078e9a2af61 |
| SHA1 | a0687d8a8a9d282e09cfc78b87c70b665a7b0e54 |
| SHA256 | 3188b2fc79dfb8b22fdd5b3c19b90feb0d62cd6440e12723a295fbfb6c9c6cf3 |
| SHA512 | 3489f0cebfc4a49eaf0ff4451ec5648587ccbccfc5eb914f038efb7d61bb96683b0d3cc87da3dfda3609ab4b56a1f4b4ce5e3a7da4f685c271cca424f88254fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt
| MD5 | 78f7d7662d3eed2f18b6c3be87e24a00 |
| SHA1 | 2bf3408372d5e0664ab41eac2883fec8c9b50f51 |
| SHA256 | d65c641b98abe3761bf75e0c637a5dc4c175ac41c5cc3426d48dadea85250114 |
| SHA512 | fa862557e88cb8c8876cf37c2decded36eaa86633864632acfde9f1eacb06ea5e1e907351657c7a63f3f7ed4eba9c23aef70dc79cbd5c03793b1358c7b73ed3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt~RFe57ddbd.TMP
| MD5 | 61b288c8507f6227725b6a7f1e01de84 |
| SHA1 | dad7bc4d828c558bfa7a4db5f3daf66f918b0867 |
| SHA256 | 1c67dfc499d52952d58733f99d276a594ffa979d4e53c9c4196808fc8629c06a |
| SHA512 | 58c19c5290b15a21b03130dca1a455b0903788556ceec0f10cca3014da0aeef6a3dcb399ad66f890d6e1dae728492e6c2b291137754b15b8d18ca131769d84c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.lazada.com.ph_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e8b06e8835cbc2b43e61bd51e0bbe9cf |
| SHA1 | e101b139b2d8e49160c8675652e44ce85477f178 |
| SHA256 | 46b1d99f3ab939bd000742f859fcba82c8e040541aeb22f0ff475023d196071d |
| SHA512 | 2f62b77601b333b0f34d530ae919aeaef905401e0fe4576e11335b942dcd5025aeb23f99d0d7440c7a46a5b11ad8324e9404cbe67bc4f53eba48d52f1ba7d097 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dbda984b62e45c6435b8feb204b57e2b |
| SHA1 | 7be69d613f21fa359d3959eceb7b7f77e130bf7c |
| SHA256 | e7991743d90182f4538362544493b89d6a3f1d497b6c0c0cb540177ad6aec2bb |
| SHA512 | 9a42beddc86c8b28a167d65fb6ad4110c24b75b91e7629c4b77c0dd7ec71ee37b2655bd3f99f716b8b2eaeaf73780474e5e0e23cea27ae3d673eaa7829f5dd88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 0d3e7238171646ced1e6723d0b74a5fd |
| SHA1 | 9e6a4f91444566217177257580327697bf7eeaf9 |
| SHA256 | 25f356808395ee30203051141fb019cbceec0c10b83ab727ffc390e1968a4b90 |
| SHA512 | d7d8281f4667477ce4c0cbfac5bb15f5a441b1544264973bf5e1492b6332e9e5591eb268984be073ec08dfcb63052f21088462c6736240d4cd4b6d57b5a6b548 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582390.TMP
| MD5 | b8deaedaad3ca5535827f8378730691b |
| SHA1 | 142c832dbb911b28bca88e3caceeee45ec462723 |
| SHA256 | 2db7e77da29fd9bb95906842ee2edde1afb3a78b7f53fe4bf17b1521dc77e64c |
| SHA512 | 385634bb591abd8577be52cac271436b4f40b1f4074c3ff8c72ccc75df793196e9b7c74e361663174f89d08b488ed6f4a27b653e73717ec64a45d6a6b013ff3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbeb7016-db55-49d9-a4d8-5b7ffa30c91d\index-dir\the-real-index
| MD5 | 25eb08d3819147a747523f1a56b3baa2 |
| SHA1 | bf950e63836f4f21a822664f1cc9e74f47548dc9 |
| SHA256 | e2eaf73db9d6573b0905a47c99c821c19f954c17d8d0be458097ec410b0d632f |
| SHA512 | 7c50c5c757a4c83eaeab84703312d9655e9ed2f001d41146517291b05c1877a32416b656dc15b477495c618d201e3868a9129c34ec40c3b69565c3fc768f3e54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbeb7016-db55-49d9-a4d8-5b7ffa30c91d\index-dir\the-real-index~RFe582601.TMP
| MD5 | d396b85cf7d72ea08773f467445dae5f |
| SHA1 | cd5dc709817b4382814bd617692288d2a3371541 |
| SHA256 | f698c96cbb333dabd466f26b104f70054fa92245d3f29c0f8b641ee91b16bc1a |
| SHA512 | 907ac5c82116b4079144481607cd152ffce124dce6edf18730d9596c36f7a2d96d42b2ad1fa9fce867c0a2907adecfd764aad4ec360a7ca9a746f9dca9fe110c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e487d3448eb1d88c5cb2175338076e17 |
| SHA1 | 8cf21324da247b4590a743a69c93839fa98affb5 |
| SHA256 | d5f8aec4badc4289014ff74c2822dc0716dec0bca373c373d731c31673199372 |
| SHA512 | 7e6d2e848ef46c7019570ba874fc96380ca787216483ba6a31b4179423586b76afe362d18b762f97d9df41a4d556c0c9a833dbe86ad0ee32e581688e8d117274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbd698e0-a938-460d-9bfa-0fa222910dce\index-dir\the-real-index~RFe582bed.TMP
| MD5 | d90c3d417a689923575ec80ae19e41ca |
| SHA1 | ab509b94955f7f31e133690cd936a61453f8f91b |
| SHA256 | 7e89f2ff865dbb2803bd336b4e2d015fe1519aa072c8ec8bc0441d4fef34cf37 |
| SHA512 | 2829b5fe042d41c5ffdba35a942b8e2ed68bf66a13f0c5334cc771ea6be99dd23ce7b204748b5b1d2b19fb71fcbed064da8694ba72a021f829205f9800d2300b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbd698e0-a938-460d-9bfa-0fa222910dce\index-dir\temp-index
| MD5 | f28deaaa23f94bf931b998672c055869 |
| SHA1 | 41ee7f25de5ab18e90d1ab6f2f7af8cf6a3bc323 |
| SHA256 | f3c323a00a4b3bc16bfa39657ba03394f2f6cf25ddaa55f726f034802681bba0 |
| SHA512 | 80ef78c451b68a4e65ae4ebcdd50cef486c9645def29f1d55318fbe0d7ace2314eab879fd8c616d2f67a5e4c5b989a2265c9b7bd863a614e6e2d56b0eaf3bcd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt
| MD5 | 9c1450881e322599e141b6d5e39240a6 |
| SHA1 | 0f49aa0370950dd6e100fbd940236be1382d6791 |
| SHA256 | 6f4730e0aca838120a4e09a54ffb748ec498e5338e6569e70f2a183220901c3d |
| SHA512 | 6fc5f738c8aa7c2d87cc5683e92a0c644739d3dc5ed9d8f3a4cb9f59ca006f7e1adee803257dd3d263bac3dd5c7350817b6f940e3b665bc3b0ec0eecd7d26017 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt
| MD5 | 60b1a353fa7a6ced934ab70deb9bf30a |
| SHA1 | b6c8c3d399d6ed29457c760610d2bb8cb39b76c7 |
| SHA256 | c7829d66e199a82fbb941540c7bce0c8e09ab6fcd295e57f90b47447bceebb8a |
| SHA512 | f2db343d11a7c4f596d42ad3977ce9a8659d1ce1ae3d2ea96266f2d128ce7876a1364676a269ee2879206c18476178ae40b590ab3fa6dea2a8fcd80c2e229459 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4e4e4a02bd8c7eaa8dbc5e4848bab413 |
| SHA1 | 36064dab7d1c96c8a786e64f1e9c973de778420e |
| SHA256 | 0014debe5fdffa99a171af1e3ae783efd3f8eec890fab1ef0b7457764ed68857 |
| SHA512 | 9e1d2fb94e3d94759dbb58897ec48c2947ede1e690dbe04c4b424aa388d36396b82208eb9317d66007eb0295a2d85b1dc511c45b72b5f02ef6b90178e64310ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f90cb67a3f9c23d41c203c44e90c0578 |
| SHA1 | 78c0ab2b4e31adab31c2e7c297f73cd9b4e9b667 |
| SHA256 | 701e5fe86bb1427ebc769aa5d4dfee80edf18071e3a9a16ccda72a6ce1d6cca7 |
| SHA512 | 97946ff61e9cd956e16b82c5038e9681fbe366893cfda30cbfae135d904661dd4c4af100b5272745e5be26f700318ea583294814adb0d3fd17222d3dabba4258 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4c65dc6c5dae81eec31d8beca8baa748 |
| SHA1 | 33ae87be46adbdce138c5459d5e043cbf3885693 |
| SHA256 | d1973ac38fe3f98b98cc7e96ff5217dbcc9448ab5966a023a5057471fea5d95f |
| SHA512 | 9749cd57363d0217ab9ed552b90a7dd4c807894066ffbcd0570529b2e067dc0603c13308e5d9f63060b7bf701629fc54d51a0415bd22f147ecfc684ca9647169 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58eeb0.TMP
| MD5 | 3bbcfaabfbd5298a2512623e26c2e993 |
| SHA1 | 3832383056ef58425fe3c78e1944c9937b2c50d6 |
| SHA256 | 6e3b8e6a7904b6d18b9f71f2e93c27ba46a7e0422ea643b2ce57e4792a50705a |
| SHA512 | b73eb8d1dfbfae265e6a7f92a7c0d36a86ba0f823ad8f90285cbc2ecaa25b0dc23dc1826e9594e30d1450423e78e606befa0044f589c7c6426251da3ac017817 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\bdeda67a-328c-472b-b06c-0883946f8905\index-dir\the-real-index~RFe59162e.TMP
| MD5 | fe1ce2c6e555d8ffc39fea7bd649486e |
| SHA1 | f67dd57931845280a47f17b5d1d760bcbc5e0f16 |
| SHA256 | 95fc67fbdb765528801ef68a73369513ddb15ed92f9cfb0d86e00a017318099b |
| SHA512 | 41af39424e818315e7ddac20b9448d50423c423ed78b0d7031e687a8f7bbe7f29febb1e17f7ccd5c5343d1c82523449fef843713b8579ef41d43c7a9f5be8ee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\bdeda67a-328c-472b-b06c-0883946f8905\index-dir\the-real-index
| MD5 | 2c54510aa6f7bc76de0a70cc521fafef |
| SHA1 | 538e48c7ba965f6e0f6da55b958842019e98b63b |
| SHA256 | 552071212e69803f18bb902a29e5360891a46de7b44b1c217fddbb11c3114e77 |
| SHA512 | 13f774a74db1caab946891f560d3f01c57d65bf215d808791160392585bd25795e353bfb6265cda8ce4c751555e8ca02f8e9f5bac21478d385ee263a1c8ab97e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbd698e0-a938-460d-9bfa-0fa222910dce\index-dir\the-real-index
| MD5 | 0fb038f2d7eeb1eae641a35c2b074f51 |
| SHA1 | 2e925371b0df1e312dacff69d9fff79ed2df6ef8 |
| SHA256 | 0e02ffadfd19d8eb4eb1b61d769ca1c8963cbb4b6515a3ef85558413e52896c5 |
| SHA512 | a1361c4cbe8a7f73b2e080aeb4e7bd36248231ee073812fa16d2fc5c00407e88318f63ead64e305f76e2bbf7d48c82e4a6280f7692f3907052236bf59aca6642 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4154689403713f1cfaaf4295dcf98375 |
| SHA1 | a2b9f06c739bba59abe9a5268cea2a816882b372 |
| SHA256 | 9d2173547d9f3fe160dc6dc247df394e23c83ca80427aec6b5e8df2316f145c8 |
| SHA512 | fc3ac9494c382f6cf6002e2f70b4837b2633f5f876bf26160e0bc87a39cd75fc8a41c4907cbfd5bc9e3b3e401458e89644737febfe12d64d51b3e145e59e1980 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt
| MD5 | 4bb22e85fa67060dbc7aee16289b9688 |
| SHA1 | 0f6f0595d53861b2a0c7155c906ac8a55152a64f |
| SHA256 | 158ccbdc726acddb42246c423d88ab89c8d5d9dbe6ebf8a4b622b4b3fec4cb89 |
| SHA512 | 66e64930d83ae21d241cefea0c489bdacc89c8310e67eacfbc96d9440b8d6c2357c28bedb1ac46eb9edc3e84e6e3df24b6d003180f31eb46e4624f602ef1a30e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c45eca47fc216db7dd17950ac6aaf128 |
| SHA1 | a0669c7c8a1e57a6c505c31b14a5c41fa3d92554 |
| SHA256 | 3dcaa38832eb0e2f8dcbdfd662e352f747e08ed53503853e161ff94ebf82a5d2 |
| SHA512 | 87bb09ccd8199cfa4b938fa95bcee9ca30f00264b4ee34a31bda55b1044ad22f87e0c60acd7757223aa8982c462c2009b3fb4671980265587b444c642f94425c |
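Two things in this list are worth checking rather than reading. The `\??\pipe\LOCAL\crashpad_316_...` entry carries the MD5, SHA-1, SHA-256 and SHA-512 of zero-length input, so it is a named-pipe handle the crash handler opened, not a dropped file; and several paths (`Crashpad\settings.dat`, `Default\Preferences`, the service-worker index files) appear more than once with different digests because the browser rewrote them during the run. The helper below is an added example, not part of the sandbox report: it parses entries in the layout above (a path line followed by four digest rows), flags entries whose digests are those of `b""`, validates digest lengths as a guard against extraction damage, and counts rewrites per path. The entries embedded in it are a constructed subset copied from the Files section.

```python
"""Added triage helper, not part of the sandbox report.

Parses file entries in the layout used above (a path line followed by four
hash rows), flags entries whose digests are those of zero-length input (a
handle opened but never written, such as the crashpad named pipe), checks
digest lengths, and counts how many times each path was rewritten.
The sample entries are a constructed subset copied from the Files section.
"""
import hashlib
from collections import Counter
from typing import Dict, List

# Constructed sample: five entries copied from the Files section above.
SAMPLE_FILES = r"""
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 37f660dd4b6ddf23bc37f5c823d1c33a |
| SHA1 | 1c35538aa307a3e09d15519df6ace99674ae428b |
| SHA256 | 4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8 |
| SHA512 | 807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d |
\??\pipe\LOCAL\crashpad_316_UYGQZFGQZJTECWGC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d7cb450b1315c63b1d5d89d98ba22da5 |
| SHA1 | 694005cd9e1a4c54e0b83d0598a8a0c089df1556 |
| SHA256 | 38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031 |
| SHA512 | df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 350063adb1c3897d07270078e9a2af61 |
| SHA1 | a0687d8a8a9d282e09cfc78b87c70b665a7b0e54 |
| SHA256 | 3188b2fc79dfb8b22fdd5b3c19b90feb0d62cd6440e12723a295fbfb6c9c6cf3 |
| SHA512 | 3489f0cebfc4a49eaf0ff4451ec5648587ccbccfc5eb914f038efb7d61bb96683b0d3cc87da3dfda3609ab4b56a1f4b4ce5e3a7da4f685c271cca424f88254fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dbda984b62e45c6435b8feb204b57e2b |
| SHA1 | 7be69d613f21fa359d3959eceb7b7f77e130bf7c |
| SHA256 | e7991743d90182f4538362544493b89d6a3f1d497b6c0c0cb540177ad6aec2bb |
| SHA512 | 9a42beddc86c8b28a167d65fb6ad4110c24b75b91e7629c4b77c0dd7ec71ee37b2655bd3f99f716b8b2eaeaf73780474e5e0e23cea27ae3d673eaa7829f5dd88 |
"""

# Digests of b"" computed locally, so the check does not rely on memorised constants.
EMPTY_DIGESTS = {alg: hashlib.new(alg, b"").hexdigest()
                 for alg in ("md5", "sha1", "sha256", "sha512")}
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_entries(text: str) -> List[Dict[str, str]]:
    """A non-table line starts an entry; following '| ALG | hex |' rows attach to it."""
    entries: List[Dict[str, str]] = []
    for line in text.strip().splitlines():
        if not line.startswith("|"):
            entries.append({"path": line.strip()})
            continue
        cells = [c.strip() for c in line.strip("|").split("|")]
        if len(cells) == 2 and entries:
            entries[-1][cells[0].lower()] = cells[1].lower()
    return entries


def is_empty_input(entry: Dict[str, str]) -> bool:
    """True when every digest present equals the digest of zero-length input."""
    present = [alg for alg in EMPTY_DIGESTS if alg in entry]
    return bool(present) and all(entry[alg] == EMPTY_DIGESTS[alg] for alg in present)


def malformed(entry: Dict[str, str]) -> List[str]:
    """Digest fields whose hex length does not match the algorithm (extraction damage)."""
    return [alg for alg, n in DIGEST_LEN.items() if alg in entry and len(entry[alg]) != n]


def triage(text: str) -> Dict[str, object]:
    entries = parse_entries(text)
    return {
        "empty_input": [e["path"] for e in entries if is_empty_input(e)],
        "rewrites": dict(Counter(e["path"] for e in entries)),
        "malformed": [e["path"] for e in entries if malformed(e)],
        "distinct_sha256": len({e.get("sha256") for e in entries}),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_FILES).items():
        print(f"{key}: {value}")
```

Entries flagged as `empty_input` should be excluded before any of these digests are pushed to a blocklist or threat-intel platform: the empty-input hashes match every zero-byte file on every host and would generate noise rather than detections.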