Analysis Overview
SHA256
0e020d6f5e75fffe845137171a6a965b212f1d24ab515f821acf4073769c2930
Threat Level: Likely benign
The file JaffaCakes118_40be2a9ca30beb08f5c1f6ad89e6cf4c was found to be: Likely benign.
Malicious Activity Summary
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-27 14:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-27 14:57
Reported
2025-01-27 14:59
Platform
win7-20240903-en
Max time kernel
140s
Max time network
141s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "444151712" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "25" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "25" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{050A7B61-DCBF-11EF-B17F-465533733A50} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b054c8dccb70db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000077b194add3391c49bfb3f801efb3700900000000020000000000106600000001000020000000be7110a1700b1a4855b6efa42ef9d78840b8a93dc16a7218538f63f87e3eb68b000000000e8000000002000020000000d0b4f64ac2410172062a82c8f72e2a742a184a7688b0df07ae8d688e2d835e8e200000006829f1b147f901840db66d0e51d506c0aa1b9e3d894c7f0eed9b5e4ea0e98378400000009c740d8dd72c36e149ba705f732c328e54b057ff2ec8ac4424661c1a475a0f60c4407380e500ee5b4285955e7ddb7e73b1fb33b2e3624fa5a1c0ad35af79b772 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\International\CpMRU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com\ = "25" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2980 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2980 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2980 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2980 wrote to memory of 2964 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_40be2a9ca30beb08f5c1f6ad89e6cf4c.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2980 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.freestats.net | udp |
| US | 8.8.8.8:53 | sharegods.com | udp |
| US | 34.205.242.146:80 | sharegods.com | tcp |
| DE | 45.10.154.57:80 | www.freestats.net | tcp |
| DE | 45.10.154.57:80 | www.freestats.net | tcp |
| US | 34.205.242.146:80 | sharegods.com | tcp |
| US | 8.8.8.8:53 | www.hugedomains.com | udp |
| US | 172.67.70.191:443 | www.hugedomains.com | tcp |
| US | 172.67.70.191:443 | www.hugedomains.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| FR | 216.58.213.67:80 | c.pki.goog | tcp |
| FR | 216.58.213.67:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | static.hugedomains.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| US | 104.26.6.37:443 | static.hugedomains.com | tcp |
| US | 104.26.6.37:443 | static.hugedomains.com | tcp |
| US | 104.26.6.37:443 | static.hugedomains.com | tcp |
| US | 104.26.6.37:443 | static.hugedomains.com | tcp |
| US | 104.26.6.37:443 | static.hugedomains.com | tcp |
| US | 104.26.6.37:443 | static.hugedomains.com | tcp |
| FR | 216.58.213.67:80 | c.pki.goog | tcp |
| FR | 216.58.213.67:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| FR | 216.58.213.67:80 | o.pki.goog | tcp |
| FR | 216.58.213.67:80 | o.pki.goog | tcp |
| FR | 216.58.213.67:80 | o.pki.goog | tcp |
| FR | 216.58.213.67:80 | o.pki.goog | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| GB | 2.19.252.211:443 | use.typekit.net | tcp |
| GB | 2.19.252.211:443 | use.typekit.net | tcp |
| GB | 2.19.252.211:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | secure.statcounter.com | udp |
| US | 172.67.34.118:443 | secure.statcounter.com | tcp |
| US | 172.67.34.118:443 | secure.statcounter.com | tcp |
| US | 172.67.34.118:443 | secure.statcounter.com | tcp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| GB | 2.19.117.22:80 | crl.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 2.17.5.133:80 | www.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Cab6328.tmp
C:\Users\Admin\AppData\Local\Temp\Tar632B.tmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9UR26M8S\recaptcha__en[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKZ95V4R\styles__ltr[1].css
| MD5 | 09f35d51c1781f426c0e782cdc9c6f80 |
| SHA1 | d864c598b63ac0664e4d56bd5256db69c9012eaf |
| SHA256 | 521faf8670a6d36c45e524315019efad4139f34da522fcc7c9b869f95a1f3fe0 |
| SHA512 | e2e3037b6048a810d01a55fa71d38ee7e56b4cce2fa1440cbd31d3ae8d9af4c2861d97f1d37b4bccaa86df9287c3a786b99f7eaebb2519790745d5c7685a6aa1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3be0b6bd80a16a23536739cba71796d9 |
| SHA1 | a0c7b40c21c22fd3fe4856f312b6d14f11dcb063 |
| SHA256 | 00afce1a55167f739a8bed48ae52903f9379da8de51909b2bcee03fc49222e68 |
| SHA512 | 3f2eca14dfd8b2e4c980106d8c79192d202dd4465a92633b59985ce14a0e1fe869049e75bf4573d02c4b1e552870786cf2009bdec27c0a0b5fe7243263ac664a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 721127658a2c8e82b0efa193b82471f3 |
| SHA1 | b29e63b186d655307fdfef372cec4f7c9f2a119c |
| SHA256 | 37ab2850759ca78949fd1c1dc06a33c9d95396569cd2d74afc9e03353e1c6c8c |
| SHA512 | 6a3223775a454348c2ed16f5380e8b844966808111fc1c5867e7680f58a866e73d51c20a91c5d662994b35e573ed7966b0d593c098e300f47d11c3947d86be74 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4219232d072000d3a80a1de58cd17bc3 |
| SHA1 | f011074325b064160355d248d863a8b76e8eb70a |
| SHA256 | ddeccbd6743164733336e203364916373187552e1db919a1b818f16460e1c7a8 |
| SHA512 | 6c1b4afb2225cfd46fd70e3ba01aa5b5be16ad8539a75b58876c2d3bc316aa30449a07fbbdfe043a62788c0a50a98cae9367b77108853add1cec1a066ceac417 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 38da1ae61ce38ee1c17943c5e6345c62 |
| SHA1 | 3b1176a0ec738dd88a0f9218e58bfdc970410ba4 |
| SHA256 | 0e8858af04de67abfebb791a09ae532357bab13e69534f19f131b89757c43f13 |
| SHA512 | d0b91bfe48e2745f516999ed9093cc57b6407ebab8d59c945a481be9effd380e5d5c5a45746e46282cbccefc400f2f42cd284389854ac20933ac72e6aa8c6343 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5b2dfbf75f875ace84900d936b66fb0b |
| SHA1 | d89fada51027f2a159673b6bc5243b63f8509cba |
| SHA256 | fe6c4d4d3d89ec3a923d4da6806a010902bb3429c3a3d6c9a815e11615403547 |
| SHA512 | 1106a8c8952908313bc06f4e699e3251731d951497727459b2e44b0f82b437c9d9db13850888bc60385b63cf8a142d9e42a9b0fbf5345abcbb2bdfcb2c1678e5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e9803530a4a4bf1718fd38948402922d |
| SHA1 | 4960de25583ca37ceeb2e6f5a6e490201ba3e8ca |
| SHA256 | bf5acf93d25dd94b22b393a83ddb5a1f4c916dd7fdc6b2f961ff4f071922227e |
| SHA512 | 24fb77853bf18c268b2307f64b30ea2537fea9eb4ddcfc90dc35cdc918b89aedb76fd1640f90dd40dfad34fa75f5d75fb8725e0391d2bd313533062bdb681e43 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4a2923f6362e3056a7234c23d5626388 |
| SHA1 | 52615a37f0a7bfbde5c83d805b54a60c33d1abcb |
| SHA256 | 647743dd31ab0490aea0fd6d27ae9c4205e6b518eb7fcdccf9e60dfbe6f9a0cf |
| SHA512 | 99a0e54539ecabd1485cd079c5ea24cc60a705be17bf5c393db81412573af39e9d4edbee9871c4b9c843a37c7cb7d7d88e3622928082977eab999059f87e92d1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | ea74f634195bfdc256ca3aec7b251f04 |
| SHA1 | 4a95d89cd6ad1ae417e2aab0577960fca16df05d |
| SHA256 | 4b6d46708fb7194c0eb1112b01ea40ed5406769b5587197a12ff529be8432778 |
| SHA512 | cac654e529e185af14c64b0b0979d54b125fb7dcd5e572e6665e7152e3068a56c9081f7684602d4249f1a2c855caf42463bacf335034e61a3acdcc2ba6e09af2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 399293f82b866b1786435468a1339f72 |
| SHA1 | 5e4009e00f8490b05edc43c4561a96347ba87f27 |
| SHA256 | 7562f6a037e32a96d45805014f4b750571c71665309339f03adb7a0ea2116dec |
| SHA512 | 945ac55cc1b400277525f30bce4217a0c1a053e83f53a361144909ad17966b8801ed557e21dc616556d58c49a634e923982d222bd2c7700adc80621c67fa585f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c75cd512595fc6e33548c54abf15c580 |
| SHA1 | 72cf2625d322df68c93664c5bb14840b0337abfc |
| SHA256 | 91bae98f51044710c9d22b806b73b7888c0f2c61ee4a36c8b3ece6316853620d |
| SHA512 | f6ed2cca858d86ffcaab0eb2faa2cbc12317d9c83f32e791274ae0f1084d35f862a8e2c7ba84b81b0bdf6b5d349835ceff339a28a142c611702934b9b5597fb4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f9879e16332662c999487d85d55d3b94 |
| SHA1 | 5ca8f9517383d762aeaa7f993ffa300c3fd31898 |
| SHA256 | aa55f0e2eb80793dd0a7fd78ac7e82066f4895e38969acc379fc3238b962f803 |
| SHA512 | ba9bb0e0140a39ad131b80e4cb705525d35ada480ef0b53da492f305ec6a289b85bf1df69e2778bb599899749bff7cee076ba291925584232b6b50560b5841a2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f111b7dd9eda9c7910d673e5488673e5 |
| SHA1 | 760c183f52b8c054cc3db3c72a8b20e716ff6f83 |
| SHA256 | c61af18f9e2007210ad5a1afdc76abe794982c756b10b449b85ee3c5b2a51996 |
| SHA512 | 477840d3d5638bbfb906341d89945e6d0e9e63b4ac198e88c5701e91d0e5d40456c1dca9ad0b0abfbc8e14945c5a70ab452f2671924977da2ecaa5566d72980a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8fc9f44615708449394706ad2e3c040a |
| SHA1 | 95d13a41869d46f5590e75cd1d2eb8e2f4a9e847 |
| SHA256 | 8f5687bedb10e6fc7aa28557d7e39a9c24f7485e6beb97ad78352c281d87325a |
| SHA512 | c272f1ae339aeb1fd2f37ee7fb99d3eef80c9dcca6196d9db113996470932e87dc08c2d8663f77caaa14bb57d0ab35adfcf9e615606935cf53024d478fc12daa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 35032da0d5bcdbef1b4540ca6c92d761 |
| SHA1 | dadbbf62363759deba182143d789cf4406735a21 |
| SHA256 | 182c1a669f53fd8c745a9253c86273e9de7a93601355125ca4cfdf8268af3c5f |
| SHA512 | 682d03ff672da85d9869a2de85d6d335a5e0b3c819923ecae863e90d277ef322a6dfdadd8afa7a4c8a138cb733fc20dc9a810b674d71e7f460e89d968e551550 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 74f7edbefa4976c684328abc5c160326 |
| SHA1 | 6ff7b60f49226a2a937b1913b06650f6960e62bf |
| SHA256 | 7d3a5acc51e599569363b875e23a48c6fa369a9c9fcb7bda06d9c74335c6d1e0 |
| SHA512 | ec9cb5429dbeb44417161f3a03db06eb41615a07cc22e70875ae85d3eda72434d86e94ae03723752132816dd8aa1c320c6e3280349805e7b611f73366e332415 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b47d62929b0d9060ba0ee768eee1c570 |
| SHA1 | 59c380a9bded086f7098c3603497f3b7cd263c63 |
| SHA256 | b7a946afc255196372c671ac56218447168528bbed029667530e777ebc226dc6 |
| SHA512 | 8b56389b11e6fee49e7df12e79788f005839168cd27e4a1932e2082cffae107abb533b31babbce606a8e5071ca439369661b9042f6331b0ec1051abf38cb6f96 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6fbea507578fb3d94297a7adf02f695c |
| SHA1 | ff771625efa65d5413e47fbc9cdc5bf1296bbdca |
| SHA256 | e6923e1c48a36e8f7d4abca55d28605f857f611b51bb104d1bee4599f4df1ee3 |
| SHA512 | 7eeb8d43af3876efd15028b9181b9240a29d807e47cade9b08fdcbdd9438c8a74be6e81d07acde4c3071b5634c9e8277f65674123635791e2be6c4fc030f51e3 |
Analysis: behavioral2
Detonation Overview
Submitted
2025-01-27 14:57
Reported
2025-01-27 14:59
Platform
win10v2004-20241007-en
Max time kernel
145s
Max time network
142s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_40be2a9ca30beb08f5c1f6ad89e6cf4c.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e4f646f8,0x7ff9e4f64708,0x7ff9e4f64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2512 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,259221535045617791,973069055750146045,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1752 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sharegods.com | udp |
| US | 3.19.116.195:80 | sharegods.com | tcp |
| US | 8.8.8.8:53 | www.freestats.net | udp |
| DE | 45.10.154.57:80 | www.freestats.net | tcp |
| US | 8.8.8.8:53 | www.hugedomains.com | udp |
| US | 104.26.7.37:443 | www.hugedomains.com | tcp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.173.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.116.19.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.154.10.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn-cookieyes.com | udp |
| US | 8.8.8.8:53 | static.hugedomains.com | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.22.59.91:443 | cdn-cookieyes.com | tcp |
| GB | 2.19.252.211:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | log.cookieyes.com | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| IE | 54.75.160.87:443 | log.cookieyes.com | tcp |
| GB | 2.19.252.218:443 | p.typekit.net | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| FR | 142.250.179.110:443 | www.youtube.com | tcp |
| GB | 2.19.252.211:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| FR | 142.250.201.174:443 | img.youtube.com | tcp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.59.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.160.75.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.201.250.142.in-addr.arpa | udp |
| FR | 172.217.20.164:443 | www.google.com | udp |
| US | 104.22.59.91:443 | cdn-cookieyes.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
Files