General Info

URL

http://uvic.co.uk/life-in-the-uk/climate-characteristics-of-different-uk-regions

Full analysis
https://app.any.run/tasks/f12d58f9-1c80-4c79-bb69-790608a713e7
Verdict
Malicious activity
Analysis date
4/15/2019, 14:31:44
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS
No malicious indicators.

SUSPICIOUS
No suspicious indicators.

INFO

Creates files in the user directory
  • iexplore.exe (PID: 2596)
  • FlashUtil32_26_0_0_131_ActiveX.exe (PID: 2704)
  • iexplore.exe (PID: 960)
Changes internet zones settings
  • iexplore.exe (PID: 960)
Reads internet explorer settings
  • iexplore.exe (PID: 2596)
Reads settings of System Certificates
  • iexplore.exe (PID: 2596)
Reads Internet Cache Settings
  • iexplore.exe (PID: 960)
  • iexplore.exe (PID: 2596)

Processes

Total processes
35
Monitored processes
3
Malicious processes
0
Suspicious processes
0

Behavior graph

[Behavior graph figure: start, iexplore.exe, iexplore.exe, flashutil32_26_0_0_131_activex.exe (no specs)]

Process information

PID
960
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" -nohome
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)

PID
2596
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:960 CREDAT:71937
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
Parent process
iexplore.exe
User
admin
Integrity Level
LOW
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)

PID
2704
CMD
C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_131_ActiveX.exe -Embedding
Path
C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_131_ActiveX.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Adobe Systems Incorporated
Description
Adobe® Flash® Player Installer/Uninstaller 26.0 r0
Version
26,0,0,131

Registry activity

Total events
512
Read events
425
Write events
86
Delete events
1

Modification events

PID
Process
Operation
Key
Name
Value
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
CompatibilityFlags
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
SecuritySafe
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\Active
{75DAB6AF-5F7A-11E9-A370-5254004A04AF}
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Type
4
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Count
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Time
E307040001000F000C001F003B001802
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Type
4
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Count
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Time
E307040001000F000C001F003B001802
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
FullScreen
no
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Window_Placement
2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF20000000200000004003000078020000
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links
Order
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Type
3
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Count
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Time
E307040001000F000C001F003B00E302
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
LoadTime
16
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Type
3
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Count
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Time
E307040001000F000C001F003B000203
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
LoadTime
256
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Type
3
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Count
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Time
E307040001000F000C00200000001400
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
LoadTime
59
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Path
C:\Users\admin\Favorites\Links\Suggested Sites.url
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
FeedUrl
https://ieonline.microsoft.com/#ieslice
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayName
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
ErrorState
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayMask
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Path
C:\Users\admin\Favorites\Links\Web Slice Gallery.url
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
FeedUrl
http://go.microsoft.com/fwlink/?LinkId=121315
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayName
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
ErrorState
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayMask
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url1
http://uvic.co.uk/life-in-the-uk/climate-characteristics-of-different-uk-regions
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url2
lazada.co.id
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url3
ikea.com
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url4
onclkds.com
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url5
bing.com
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url6
movies.is
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url7
sole.com
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url8
baike.com
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url9
pantip.com
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url10
lapatilla.com
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url11
mp
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore
Type
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore
Count
1
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore
Time
E307040001000F000C0020001F00D000
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019041520190416
CachePath
%USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019041520190416
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019041520190416
CachePrefix
:2019041520190416:
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019041520190416
CacheLimit
8192
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019041520190416
CacheOptions
11
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019041520190416
CacheRepair
0
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
UpgradeTime
BC513B4C87F3D401
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore
Count
2
960
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore
Time
E307040001000F000C00200022007003
2596
iexplore.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012018082820180829
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019041520190416
CachePath
%USERPROFILE%\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012019041520190416
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019041520190416
CachePrefix
:2019041520190416:
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019041520190416
CacheLimit
8192
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019041520190416
CacheOptions
11
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019041520190416
CacheRepair
0
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Total
20
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\uvic.co.uk
20
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Total
41
2596
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\uvic.co.uk
41

Files activity

Executable files
0
Suspicious files
0
Text files
64
Unknown types
10

Dropped files

PID
Process
Filename
Type
2596
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
text
MD5: e93ab9f35194ffac2aad5b323460bd2f
SHA256: c036debd2231d05dacff6e2beb220732b7212cea8dec081e27a97d77817d0e56
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LDRHUFUY\20142011065616[1].png
image
MD5: 9a99ae595c2407892df08dba949a36a0
SHA256: 6fff4c90b52e22645dfc22b64d159d3e727f58caaf75929069139de8b2ee0b0a
2596
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
text
MD5: fdc7734df621a9331e318368c5604378
SHA256: 3adf94c2a03e58d1c5003689a951d9495014c20c699b49064ac5f5d2007a611b
2596
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
text
MD5: b75d7098ed868a728dfa5c755b7fc082
SHA256: 3072db31a6f2cc17b25dad18618a5ddc7692477c979dd8b9935edcdf44aa4dac
2596
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt
––
MD5:  ––
SHA256:  ––
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B5N1VG7W\i[1].js
text
MD5: 3e2b391532f7a9c5eaaae744ae14cc8a
SHA256: e3b5dc011f96bac44863c4e4e0c24c5418069b3e83c5f85cdd57726346b1adf7
2596
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
text
MD5: abb7b24a97beaeed7a12132ffa930e2d
SHA256: bbd9194cba797a7acd9c981a1bb976f73f891185d550c284c10c4118481b1478
2596
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\U9TP8C6X\uvic.co[1].xml
text
MD5: fd77d2e8bf665f9b34576e03cf696124
SHA256: 84aef594abd016d77245072c69d195c11060cba9c6d52e667d9c04e11c85362f
2596
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\index.dat
dat
MD5: 9b7f1b10c996d77b283e0e6e1af970da
SHA256: f97d144841160884f0feeb041b16082f56df31b6e03cf3ad6c67beb7974635d3
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E51KW622\contains[1].js
text
MD5: 35d784812ac7c56522094e94d18bd074
SHA256: 65b0df11a25582a495cd8813747824a0a3ab26ffcc35707afa923e500b4977b7
960
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\uvic_icon[1].ico
––
MD5:  ––
SHA256:  ––
960
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\uvic_icon[1].jpg
––
MD5:  ––
SHA256:  ––
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LDRHUFUY\views[1].js
text
MD5: 5e484998ca6bcb00b27cb96e4e510373
SHA256: da63bf475c921a53c8175c3aa2619a12fbf21abadd65f668608a36550faeac64
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q7JF8EXB\taskMgr[1].js
text
MD5: c89587835d36b6eeaa11928bc164502d
SHA256: 6d447ea2fe6f4fde02a7c740eb592862b59703766c35a3e612ffb4c451212b94
960
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019041520190416\index.dat
dat
MD5: ebedc16767f53131a7779c7fb1c42c55
SHA256: c5f4655468018d2e34acabf1d4b8ecce05d71f936122f575efbdd2ceb43a99f8
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012019041520190416\index.dat
dat
MD5: f9a890bd14ec875a10d196ca5b6cbbc6
SHA256: 5480dce27995d4f2da0cc36ef8e808962bf3d3657d8e26562bad292f9bb36e2e
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B5N1VG7W\rfi-021-680x320[1].jpg
image
MD5: 0bdc7f05bdbcbc30e3d11ac3017a6103
SHA256: f6af5a1b19d33737568674fba01200d1f273b37e008b1bacaffced2e0183341a
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat
dat
MD5: f9069bcfa8534635f91ee62e79953254
SHA256: 306794b2e49e1518f4900f8adceb470b46d434f3d2ab8bd30ab106929c7c0ebf
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E51KW622\knowing_uk[1].png
image
MD5: ac61bc12b7a93711da07145bab775577
SHA256: 1ab94a91ec0b38f64b246ae9ba8b2a010cccd8833986804ce3027adf070e7a63
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LDRHUFUY\edu_immi_article[1].png
image
MD5: 6c1c6958b9d2f0606966dc0ca354f4ea
SHA256: 3ae8ed701870222a971e8a5dbea169594a861479e330dc2dad844ac32d725ce9
2596
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q7JF8EXB\f[1].txt
text


Network activity

HTTP(S) requests: 43
TCP/UDP connections: 38
DNS requests: 24
Threats: 1

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation


Connections

PID Process IP ASN CN Reputation

DNS requests

Domain IP Reputation

Threats

PID Process Class Message
2596 iexplore.exe A Network Trojan was detected MALWARE [PTsecurity] Coinhive/DeepMiner JavaScript Miner

Debug output strings

No debug info.