Analysis Overview
SHA256
03c22a875e0e53f1b909abc4870e283a40671cd6ad72e90df21bff28efb97930
Threat Level: Shows suspicious behavior
The file JaffaCakes118_1c74ad647d4549eb8e767c843a01689c was found to be: Shows suspicious behavior.
Malicious Activity Summary
Reads user/profile data of web browsers
UPX packed file
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Unsigned PE
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-07-04 17:53
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2025-07-04 17:53
Reported
2025-07-04 17:56
Platform
win10v2004-20250610-en
Max time kernel
149s
Max time network
153s
Command Line
Signatures
Reads user/profile data of web browsers
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\PROGRA~2\is240609593.log | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe
"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | os-test.ultimatedownloadaccelerator.com | udp |
| US | 8.8.8.8:53 | cdnus.ultimatedownloadaccelerator.com | udp |
| US | 8.8.8.8:53 | cdneu.ultimatedownloadaccelerator.com | udp |
| US | 103.224.182.218:80 | cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 8.8.8.8:53 | ww25.os-test.ultimatedownloadaccelerator.com | udp |
| US | 199.59.243.228:80 | ww25.os-test.ultimatedownloadaccelerator.com | tcp |
| US | 8.8.8.8:53 | ww25.cdnus.ultimatedownloadaccelerator.com | udp |
| US | 8.8.8.8:53 | ww25.cdneu.ultimatedownloadaccelerator.com | udp |
| US | 199.59.243.228:80 | ww25.cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 8.8.8.8:53 | os2.ultimatedownloadaccelerator.com | udp |
| US | 103.224.182.218:80 | os2.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 8.8.8.8:53 | ww25.os2.ultimatedownloadaccelerator.com | udp |
| US | 199.59.243.228:80 | ww25.os2.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.os2.ultimatedownloadaccelerator.com | tcp |
| GB | 2.18.27.82:443 | www.bing.com | tcp |
| US | 103.224.182.218:80 | os2.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | os2.ultimatedownloadaccelerator.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 199.59.243.228:80 | ww25.os2.ultimatedownloadaccelerator.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.180.3:80 | c.pki.goog | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\ISH240~1\images\Close_Hover.png
| MD5 | 83487401daf307d6c726a479de1ee6f9 |
| SHA1 | c173be4937a63672570078b325864c76b28040b8 |
| SHA256 | f4f0f59fccd9b87b208b416423797dcfb532472dcfef99bef41a11ea9f6f713b |
| SHA512 | da69729b6682acd1c46587c7c3b4533d9afbcf84c17e55f43798f1fee0097c7a2f39860e6dbc6a9b1cb26dc63d9afab4511071981ad5fd494f36ad9659c56e50 |
C:\Users\Admin\AppData\Local\Temp\ish240607765\bootstrap_60216.html
| MD5 | 1ea9e5b417811379e874ad4870d5c51a |
| SHA1 | a4bd01f828454f3619a815dbe5423b181ec4051c |
| SHA256 | f076773a6e3ae0f1cee3c69232779a1aaaf05202db472040c0c8ea4a70af173a |
| SHA512 | 965c10d2aa5312602153338da873e8866d2782e0cf633befe5a552b770e08abf47a4d2e007cdef7010c212ebcb9fefea5610c41c7ed1553440eaeab7ddd72daa |
C:\Users\Admin\AppData\Local\Temp\ish240607765\css\sdk-ui\progress-bar.css
| MD5 | abc5fac091a8548789f3e6b4553ef430 |
| SHA1 | c02d3c132f87607b7081a7b61fbd48728cc75ee4 |
| SHA256 | d482709570c0f9259ccf0ca4569a9ca05b37798910fe650da459b30dd832c845 |
| SHA512 | 5e01c691a1b4e2e767e73c32bd74866ebe5a61532438c4c222058f832c26901824fe365157f23a3f559de171332b743c9a55f0ae4ce5c004ae24cd906595a2b3 |
C:\Users\Admin\AppData\Local\Temp\ish240607765\css\main.css
| MD5 | c4defa8d39bae67d8f65a0db206ce195 |
| SHA1 | 61c4c8d278c15f4fbcf3d5c471adf796135920b5 |
| SHA256 | ac85063553d730cb11945522296d3887dc200fba829024c92bb3c72ce24b4de1 |
| SHA512 | 8d9565d2ddbb5b9d336b7275f5e3c3398444cd467a162a5831238057855273571991bfe1812c50a5a94446014e15871ba1a42dfc9f3b53e73d31f185acc2b39f |
C:\Users\Admin\AppData\Local\Temp\ish240607765\images\Color_Button_Hover.png
| MD5 | 08ffc7fcaf5adc850cc454275a98274c |
| SHA1 | d504fa7e100b7dc379b83a8565b307e6485bf29b |
| SHA256 | 28879145d87be92a4ca7896fc60f6eaa81d5baa5d12af34e768e2ad374a8ffa4 |
| SHA512 | 96639e4bf4cfc9d353c071768f88cc6da7342619c5e19cffcff0e2fd53edae13b49e398ddc51b2d78ef89900f895f2b26172360222e860dcf11ea43560a111bc |
C:\Users\Admin\AppData\Local\Temp\ish240607765\images\Color_Button.png
| MD5 | a379d9826c7537e27c3d039e6d816382 |
| SHA1 | 19fc3f105175fa7b61d91e3217f2f7b56bc752a6 |
| SHA256 | ed26660ccbec7a439f5158741892beb9b63d2e7b9c491e359535d2cbce4f4e72 |
| SHA512 | cd2b2c5a559968857ff759351d8d5133410be863b97587ef50ea0b769ff46d142e96aedd24eeeb01b0aca55292cf91a86ea9569fa4c3838007a2aa76ab60ae55 |
C:\Users\Admin\AppData\Local\Temp\ish240607765\images\BG.gif
| MD5 | e4f15874b7d6a90e64364a02269bc4df |
| SHA1 | 63e6ea43b6f890cb00dab260967723730f525cb0 |
| SHA256 | 1d4313dacef0bbf110c9f7b8bf4035334a6f7c9f2e05caa775aef936e4fb69d3 |
| SHA512 | fc707be1c0209b83f4403e95d2c2b67703d68309b6d27842d596c44179980c29e020a639b90956b79e4661c1e82f8ab615a054475c66d855b49669d7f20ebd35 |
Analysis: behavioral2
Detonation Overview
Submitted
2025-07-04 17:53
Reported
2025-07-04 17:56
Platform
win11-20250610-en
Max time kernel
150s
Max time network
151s
Command Line
Signatures
Reads user/profile data of web browsers
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\PROGRA~2\is240635390.log | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe
"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_1c74ad647d4549eb8e767c843a01689c.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | os-test.ultimatedownloadaccelerator.com | udp |
| US | 8.8.8.8:53 | cdnus.ultimatedownloadaccelerator.com | udp |
| US | 8.8.8.8:53 | cdneu.ultimatedownloadaccelerator.com | udp |
| US | 103.224.182.218:80 | cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.os-test.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | os2.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.os-test.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.os-test.ultimatedownloadaccelerator.com | tcp |
| US | 76.223.26.96:80 | ww38.cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 76.223.26.96:80 | ww38.cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | os2.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.os-test.ultimatedownloadaccelerator.com | tcp |
| US | 76.223.26.96:80 | ww38.cdneu.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.os-test.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | os2.ultimatedownloadaccelerator.com | tcp |
| US | 103.224.182.218:80 | os2.ultimatedownloadaccelerator.com | tcp |
| US | 199.59.243.228:80 | ww25.os-test.ultimatedownloadaccelerator.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\ISH240~1\images\Close_Hover.png
| MD5 | 83487401daf307d6c726a479de1ee6f9 |
| SHA1 | c173be4937a63672570078b325864c76b28040b8 |
| SHA256 | f4f0f59fccd9b87b208b416423797dcfb532472dcfef99bef41a11ea9f6f713b |
| SHA512 | da69729b6682acd1c46587c7c3b4533d9afbcf84c17e55f43798f1fee0097c7a2f39860e6dbc6a9b1cb26dc63d9afab4511071981ad5fd494f36ad9659c56e50 |
C:\Users\Admin\AppData\Local\Temp\ish240634234\bootstrap_5704.html
| MD5 | 1ea9e5b417811379e874ad4870d5c51a |
| SHA1 | a4bd01f828454f3619a815dbe5423b181ec4051c |
| SHA256 | f076773a6e3ae0f1cee3c69232779a1aaaf05202db472040c0c8ea4a70af173a |
| SHA512 | 965c10d2aa5312602153338da873e8866d2782e0cf633befe5a552b770e08abf47a4d2e007cdef7010c212ebcb9fefea5610c41c7ed1553440eaeab7ddd72daa |
C:\Users\Admin\AppData\Local\Temp\ish240634234\css\sdk-ui\progress-bar.css
| MD5 | abc5fac091a8548789f3e6b4553ef430 |
| SHA1 | c02d3c132f87607b7081a7b61fbd48728cc75ee4 |
| SHA256 | d482709570c0f9259ccf0ca4569a9ca05b37798910fe650da459b30dd832c845 |
| SHA512 | 5e01c691a1b4e2e767e73c32bd74866ebe5a61532438c4c222058f832c26901824fe365157f23a3f559de171332b743c9a55f0ae4ce5c004ae24cd906595a2b3 |
C:\Users\Admin\AppData\Local\Temp\ish240634234\css\main.css
| MD5 | c4defa8d39bae67d8f65a0db206ce195 |
| SHA1 | 61c4c8d278c15f4fbcf3d5c471adf796135920b5 |
| SHA256 | ac85063553d730cb11945522296d3887dc200fba829024c92bb3c72ce24b4de1 |
| SHA512 | 8d9565d2ddbb5b9d336b7275f5e3c3398444cd467a162a5831238057855273571991bfe1812c50a5a94446014e15871ba1a42dfc9f3b53e73d31f185acc2b39f |
C:\Users\Admin\AppData\Local\Temp\ish240634234\images\Color_Button_Hover.png
| MD5 | 08ffc7fcaf5adc850cc454275a98274c |
| SHA1 | d504fa7e100b7dc379b83a8565b307e6485bf29b |
| SHA256 | 28879145d87be92a4ca7896fc60f6eaa81d5baa5d12af34e768e2ad374a8ffa4 |
| SHA512 | 96639e4bf4cfc9d353c071768f88cc6da7342619c5e19cffcff0e2fd53edae13b49e398ddc51b2d78ef89900f895f2b26172360222e860dcf11ea43560a111bc |
C:\Users\Admin\AppData\Local\Temp\ish240634234\images\Color_Button.png
| MD5 | a379d9826c7537e27c3d039e6d816382 |
| SHA1 | 19fc3f105175fa7b61d91e3217f2f7b56bc752a6 |
| SHA256 | ed26660ccbec7a439f5158741892beb9b63d2e7b9c491e359535d2cbce4f4e72 |
| SHA512 | cd2b2c5a559968857ff759351d8d5133410be863b97587ef50ea0b769ff46d142e96aedd24eeeb01b0aca55292cf91a86ea9569fa4c3838007a2aa76ab60ae55 |
C:\Users\Admin\AppData\Local\Temp\ish240634234\images\BG.gif
| MD5 | e4f15874b7d6a90e64364a02269bc4df |
| SHA1 | 63e6ea43b6f890cb00dab260967723730f525cb0 |
| SHA256 | 1d4313dacef0bbf110c9f7b8bf4035334a6f7c9f2e05caa775aef936e4fb69d3 |
| SHA512 | fc707be1c0209b83f4403e95d2c2b67703d68309b6d27842d596c44179980c29e020a639b90956b79e4661c1e82f8ab615a054475c66d855b49669d7f20ebd35 |