General Info

URL: https://igg-games.com/god-of-war-free-download.html
Full analysis: https://app.any.run/tasks/0006e250-ac16-41f7-a915-b07a1d91dc72
Verdict: Malicious activity
Analysis date: 14/01/2022, 22:55:23
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration: 60 seconds
Additional time used: none
Fakenet option: off
Heavy Evasion option: off
MITM proxy: off
Route via Tor: off
Network geolocation: off
Privacy: Public submission
Autoconfirmation of UAC: on

Software preset

  • Internet Explorer 11.0.9600.19596 KB4534251
  • Adobe Acrobat Reader DC (20.013.20064)
  • Adobe Flash Player 32 ActiveX (32.0.0.453)
  • Adobe Flash Player 32 NPAPI (32.0.0.453)
  • Adobe Flash Player 32 PPAPI (32.0.0.453)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.74)
  • FileZilla Client 3.51.0 (3.51.0)
  • Google Chrome (86.0.4240.198)
  • Google Update Helper (1.3.36.31)
  • Java 8 Update 271 (8.0.2710.9)
  • Java Auto Updater (2.8.271.9)
  • Microsoft .NET Framework 4.5.2 (4.5.51209)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
  • Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 83.0 (x86 en-US) (83.0)
  • Mozilla Maintenance Service (83.0.0.7621)
  • Notepad++ (32-bit x86) (7.9.1)
  • Opera 12.15 (12.15.1748)
  • QGA (2.14.33)
  • Skype version 8.29 (8.29)
  • VLC media player (3.0.11)
  • WinRAR 5.91 (32-bit) (5.91.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Hyphenation Parent Package English
  • IE Spelling Parent Package English
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • InternetExplorer Package TopLevel
  • KB2479943
  • KB2491683
  • KB2506212
  • KB2506928
  • KB2532531
  • KB2533552
  • KB2533623
  • KB2534111
  • KB2545698
  • KB2547666
  • KB2552343
  • KB2560656
  • KB2564958
  • KB2574819
  • KB2579686
  • KB2585542
  • KB2604115
  • KB2620704
  • KB2621440
  • KB2631813
  • KB2639308
  • KB2640148
  • KB2653956
  • KB2654428
  • KB2656356
  • KB2660075
  • KB2667402
  • KB2676562
  • KB2685811
  • KB2685813
  • KB2685939
  • KB2690533
  • KB2698365
  • KB2705219
  • KB2719857
  • KB2726535
  • KB2727528
  • KB2729094
  • KB2729452
  • KB2731771
  • KB2732059
  • KB2736422
  • KB2742599
  • KB2750841
  • KB2758857
  • KB2761217
  • KB2770660
  • KB2773072
  • KB2786081
  • KB2789645
  • KB2799926
  • KB2800095
  • KB2807986
  • KB2808679
  • KB2813347
  • KB2813430
  • KB2820331
  • KB2834140
  • KB2836942
  • KB2836943
  • KB2840631
  • KB2843630
  • KB2847927
  • KB2852386
  • KB2853952
  • KB2857650
  • KB2861698
  • KB2862152
  • KB2862330
  • KB2862335
  • KB2864202
  • KB2868038
  • KB2871997
  • KB2872035
  • KB2884256
  • KB2891804
  • KB2893294
  • KB2893519
  • KB2894844
  • KB2900986
  • KB2908783
  • KB2911501
  • KB2912390
  • KB2918077
  • KB2919469
  • KB2923545
  • KB2931356
  • KB2937610
  • KB2943357
  • KB2952664
  • KB2968294
  • KB2970228
  • KB2972100
  • KB2972211
  • KB2973112
  • KB2973201
  • KB2977292
  • KB2978120
  • KB2978742
  • KB2984972
  • KB2984976
  • KB2984976 SP1
  • KB2985461
  • KB2991963
  • KB2992611
  • KB2999226
  • KB3004375
  • KB3006121
  • KB3006137
  • KB3010788
  • KB3011780
  • KB3013531
  • KB3019978
  • KB3020370
  • KB3020388
  • KB3021674
  • KB3021917
  • KB3022777
  • KB3023215
  • KB3030377
  • KB3031432
  • KB3035126
  • KB3037574
  • KB3042058
  • KB3045685
  • KB3046017
  • KB3046269
  • KB3054476
  • KB3055642
  • KB3059317
  • KB3060716
  • KB3061518
  • KB3067903
  • KB3068708
  • KB3071756
  • KB3072305
  • KB3074543
  • KB3075226
  • KB3078667
  • KB3080149
  • KB3086255
  • KB3092601
  • KB3093513
  • KB3097989
  • KB3101722
  • KB3102429
  • KB3102810
  • KB3107998
  • KB3108371
  • KB3108664
  • KB3109103
  • KB3109560
  • KB3110329
  • KB3115858
  • KB3118401
  • KB3122648
  • KB3123479
  • KB3126587
  • KB3127220
  • KB3133977
  • KB3137061
  • KB3138378
  • KB3138612
  • KB3138910
  • KB3139398
  • KB3139914
  • KB3140245
  • KB3147071
  • KB3150220
  • KB3150513
  • KB3155178
  • KB3156016
  • KB3159398
  • KB3161102
  • KB3161949
  • KB3170735
  • KB3172605
  • KB3179573
  • KB3184143
  • KB3185319
  • KB4019990
  • KB4040980
  • KB4474419
  • KB4490628
  • KB4524752
  • KB4532945
  • KB4536952
  • KB4567409
  • KB958488
  • KB976902
  • KB982018
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • Package 21 for KB2984976
  • Package 38 for KB2984976
  • Package 45 for KB2984976
  • Package 59 for KB2984976
  • Package 7 for KB2984976
  • Package 76 for KB2984976
  • PlatformUpdate Win7 SRV08R2 Package TopLevel
  • ProfessionalEdition
  • RDP BlueIP Package TopLevel
  • RDP WinIP Package TopLevel
  • RollupFix
  • UltimateEdition
  • WUClient SelfUpdate ActiveX
  • WUClient SelfUpdate Aux TopLevel
  • WUClient SelfUpdate Core TopLevel
  • WinMan WinIP Package TopLevel

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Reads Microsoft Outlook installation path
  • iexplore.exe (PID: 3800)
Reads the computer name
  • iexplore.exe (PID: 2152)
  • iexplore.exe (PID: 3800)
Reads settings of System Certificates
  • iexplore.exe (PID: 2152)
  • iexplore.exe (PID: 3800)
Checks supported languages
  • iexplore.exe (PID: 2152)
  • iexplore.exe (PID: 3800)
Changes internet zones settings
  • iexplore.exe (PID: 2152)
Application launched itself
  • iexplore.exe (PID: 2152)
Checks Windows Trust Settings
  • iexplore.exe (PID: 2152)
  • iexplore.exe (PID: 3800)
Dropped object may contain Bitcoin addresses
  • iexplore.exe (PID: 3800)
Reads internet explorer settings
  • iexplore.exe (PID: 3800)
Creates files in the user directory
  • iexplore.exe (PID: 3800)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Processes

Total processes: 37
Monitored processes: 2
Malicious processes: 0
Suspicious processes: 0

Behavior graph

start iexplore.exe iexplore.exe

Process information

PID: 2152
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" "https://igg-games.com/god-of-war-free-download.html"
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: ––
User: admin
Integrity Level: MEDIUM
Version:
  Company: Microsoft Corporation
  Description: Internet Explorer
  Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Image
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\ws2_32.dll
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\sechost.dll
c:\windows\system32\version.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\msvcrt.dll
c:\program files\internet explorer\ieshims.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lpk.dll
c:\windows\system32\nsi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\userenv.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\user32.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\ole32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\imm32.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
c:\windows\system32\secur32.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\credssp.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\netutils.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wship6.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\ieui.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\propsys.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\dui70.dll
c:\windows\system32\duser.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\npmproxy.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mlang.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\macromed\flash\flash32_32_0_0_453.ocx
c:\windows\system32\netprofm.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\schannel.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\xmllite.dll

PID: 3800
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2152 CREDAT:267521 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User: admin
Integrity Level: LOW
Version:
  Company: Microsoft Corporation
  Description: Internet Explorer
  Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Image
c:\windows\system32\clbcatq.dll
c:\windows\system32\ieui.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\setupapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\crypt32.dll
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\lpk.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\devobj.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\version.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\d2d1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ieframe.dll
c:\program files\internet explorer\ieshims.dll
c:\windows\system32\wininet.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\userenv.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\credssp.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\schannel.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\fveui.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\wuaueng.dll
c:\windows\system32\qagentrt.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\windowspowershell\v1.0\powershell.exe
c:\windows\system32\cryptnet.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\jscript9.dll
c:\windows\system32\mlang.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\propsys.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\d3d10warp.dll
c:\windows\system32\sxs.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\msxml6.dll
c:\windows\system32\windowscodecsext.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\winmm.dll
c:\windows\system32\macromed\flash\flash32_32_0_0_453.ocx
c:\windows\system32\xmllite.dll

Registry activity

Total events: 21132
Read events: 0
Write events: 111
Delete events: 0

Modification events

PID
Process
Operation
Key
Name
Value
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
CachePrefix
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
CachePrefix
Visited:
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
NTPLastLaunchLowDateTime
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
NextCheckForUpdateHighDateTime
30935449
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
NTPLastLaunchHighDateTime
30935449
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
NextCheckForUpdateLowDateTime
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
NTPDaysSinceLastAutoMigration
1
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
CachePrefix
Cookie:
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
IntranetName
1
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
SecuritySafe
1
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
0
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
ProxyBypass
1
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
1
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\Active
{0F7D8C8D-758D-11EC-A45D-12A9866C77DE}
0
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
460000003B010000090000000000000000000000000000000400000000000000C0E333BBEAB1D3010000000000000000000000000100000002000000C0A80164000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
UpgradeTime
5226F7D19909D801
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
CompatibilityFlags
0
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
FullScreen
no
2152
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28BCCB9A-E66B-463C-82A4-09F320DE94D7}\iexplore
Type
10
2152
iexplore.exe
write

Files activity

Executable files
0
Suspicious files
23
Text files
73
Unknown types
20

Dropped files

PID
Process
Filename
Type
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\uikit2-93c878ce[1].js
text
MD5: 4a054657a1fcd9102e2276cf2dbb892b
SHA256: 83798d6b3992dc05c7d9f583da5a88eb643bb518fca839615ec097b5520df452
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DY534W2X\sw[1].js
text
MD5: 426fdcd8de1a0ab482cf76fa123830ed
SHA256: 5915bb432c93521a2bab5ab70f740799a29236cf56ae1bf8d20ed928eabdd15d
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\uikit-icons-joline.min[1].js
text
MD5: c6dd2319a5b6f6cb8c2576ffc8a726cb
SHA256: 13ab26296f14104784b030881efc1e342b06cbb97ee8d6477d47cc5f6142fe84
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MFAQUS6V\theme[1].js
text
MD5: dbfba4233606bdc8ffd21b530903604f
SHA256: 324d3eb6a9e6ee6f6ee24fc1a7bf92817d59aa716cdb531eedf3ce5237b61497
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\uikit.min[1].js
text
MD5: 4105132c59a09c574f521e0ce2d2e92b
SHA256: 716dfd7df011064a72fe15f69cdf5ade3137461eb146143eb017c4a817395d99
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DY534W2X\addtoany.min[1].js
text
MD5: 5ef26b5e47e6951f43ecf2b1fc645222
SHA256: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\wk-scripts-67e9c66c[1].js
text
MD5: 3a658890d1ecef16288cbe6eee10359d
SHA256: 286fe04d4afe2a090e7760fc17e5ca72640b116a8af9de76c5fecce5cbcf206f
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\theme.1[1].css
text
MD5: fecd610405c9ca74f7dc4e42dc0890a1
SHA256: 72ae3e578b425130ef1bb382f6aea4afdc963b9a0a267449ff304e72f21fc21a
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MFAQUS6V\addtoany.min[1].css
text
MD5: 044bffd070f6c8f8cb1771dc79c6f412
SHA256: 5f64e90872b2bcdbfb1949f71d1cb5d78761f1cdba703d655f5581d4287eb59e
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MFAQUS6V\jquery-migrate.min[1].js
text
MD5: 7121994eec5320fbe6586463bf9651c2
SHA256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\wk-styles-b1a0a3a8[1].css
text
MD5: 25ac2507cdde6565839494d467af835c
SHA256: 4ee8e0bdfb58c427f0b3e011e66a320e0454d25fdc75ee1a356eb8e76c68dd13
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DY534W2X\jquery[1].js
text
MD5: 233c7d5dea90dffee999afd6891aeb4d
SHA256: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
3800
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DY534W2X\god-of-war-free-download[1].htm
html
MD5: 80c08811d142ae5d36a05f31b628eadf
SHA256: 862246684c306fd312bc3fa35848005737596b19be24aebaeab4c4f206e7534d
3800
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
binary
MD5: dbb5b18b4a2c03a84edc73f79fa4ba79
SHA256: 0330288a96c8e7aa465d912f47271ace65570ae52e24a9b55164a6a9692c8bc3
2152
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_711ED44619924BA6DC33E69F97E7FF63
der
MD5: ac68acf50745357d4ea92b214d9e7132
SHA256: ae3f7fde380d2d90571a61378e52b1bc284b4c4c6a1e099f6f022395ebed6154
3800
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
der
MD5: 4ce3ebbc54bf47d856f19f1bdfd546bd
SHA256: 03887a592e96c10969759d00f7e8e58a8323de635fa9946b111ce1cf3abc6d76
2152
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_711ED44619924BA6DC33E69F97E7FF63
binary
MD5: fef157806051e6065eda2a2677a2a31a
SHA256: e271f379a565e849688f155e1ccda7e594bb49254b764c93c18e8cd485e30cbf
2152
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
image
MD5: da597791be3b6e732f0bc8b20e38ee62
SHA256: 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
2152
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PO2HN1X2\favicon[1].ico
image
MD5: da597791be3b6e732f0bc8b20e38ee62
SHA256: 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
3800
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
compressed
MD5: f7dcb24540769805e5bb30d193944dce
SHA256: 6b88c6ac55bbd6fea0ebe5a760d1ad2cfce251c59d0151a1400701cb927e36ea
3800
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
binary
MD5: 3c953092f6eb035dafa5fdeffccb79e2
SHA256: bde39797b97314ced40161eacb40348ff7ce191d58cb686f3d4a2e2f23eb0b03
2152
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PO2HN1X2\favicon[2].ico
image
MD5: da597791be3b6e732f0bc8b20e38ee62
SHA256: 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

Find more information on the static content and download it in the full report

Network activity

HTTP(S) requests: 18
TCP/UDP connections: 51
DNS requests: 25
Threats: 0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3800 iexplore.exe GET 200 2.16.106.186:80 http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?d68f4ae558fb6517 unknown compressed whitelisted
3800 iexplore.exe GET 200 2.16.106.186:80 http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?93a388791bae1293 unknown compressed whitelisted
2152 iexplore.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEA8Ull8gIGmZT9XHrHiJQeI%3D US der shared
3800 iexplore.exe GET 200 93.184.220.29:80 http://crl3.digicert.com/Omniroot2025.crl US der shared
3800 iexplore.exe GET 200 142.250.185.195:80 http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D US der shared
3800 iexplore.exe GET 200 142.250.185.195:80 http://ocsp.pki.goog/gtsr1/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBQwkcLWD4LqGJ7bE7B1XZsEbmfwUAQU5K8rJnEaK0gnhS9SZizv8IkTcT4CDQIDvFNZazTHGPUBUGY%3D US der shared
3800 iexplore.exe GET 200 142.250.185.195:80 http://ocsp.pki.goog/gts1c3/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBTHLnmK3f9hNLO67UdCuLvGwCQHYwQUinR%2Fr4XN7pXNPZzQ4kYU83E1HScCEQCAnDacZA1UWwoAAAABJ9nq US der shared
3800 iexplore.exe GET 200 2.16.106.186:80 http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?9759c5fa94af0013 unknown compressed whitelisted
3800 iexplore.exe GET 200 2.16.106.186:80 http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?dddd2e469bae7bbf unknown compressed whitelisted
3800 iexplore.exe GET 200 142.250.185.195:80 http://ocsp.pki.goog/gts1c3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTHLnmK3f9hNLO67UdCuLvGwCQHYwQUinR%2Fr4XN7pXNPZzQ4kYU83E1HScCEGmSmALa8169CgAAAAEn3NM%3D US der shared
3800 iexplore.exe GET 200 142.250.185.195:80 http://ocsp.pki.goog/gts1c3/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBTHLnmK3f9hNLO67UdCuLvGwCQHYwQUinR%2Fr4XN7pXNPZzQ4kYU83E1HScCEQD1gKWbifArxwoAAAABJ9nk US der shared
3800 iexplore.exe GET 200 23.45.105.185:80 http://x1.c.lencr.org/ NL der whitelisted
3800 iexplore.exe GET 200 18.66.92.70:80 http://o.ss2.us//MEowSDBGMEQwQjAJBgUrDgMCGgUABBSLwZ6EW5gdYc9UaSEaaLjjETNtkAQUv1%2B30c7dH4b0W1Ws3NcQwg6piOcCCQCnDkpMNIK3fw%3D%3D US der shared
3800 iexplore.exe GET 200 52.222.250.112:80 http://ocsp.rootg2.amazontrust.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBSIfaREXmfqfJR3TkMYnD7O5MhzEgQUnF8A36oB1zArOIiiuG1KnPIRkYMCEwZ%2FlEoqJ83z%2BsKuKwH5CO65xMY%3D US der whitelisted
3800 iexplore.exe GET 200 52.222.250.112:80 http://ocsp.rootca1.amazontrust.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBRPWaOUU8%2B5VZ5%2Fa9jFTaU9pkK3FAQUhBjMhTTsvAyUlC4IWZzHshBOCggCEwZ%2FlFeFh%2Bisd96yUzJbvJmLVg0%3D US der whitelisted
3800 iexplore.exe GET 200 2.16.186.8:80 http://r3.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgS8ZML%2BVCP42bMd6ACtBTsFYw%3D%3D unknown der shared
3800 iexplore.exe GET 200 2.16.186.8:80 http://r3.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgRMRekUrnNN1O7P5CqooxpBPA%3D%3D unknown der shared
2152 iexplore.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D US der shared

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
3800 iexplore.exe 2.16.106.186:80 Akamai International B.V. –– whitelisted
3800 iexplore.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2152 iexplore.exe 204.79.197.200:443 Microsoft Corporation US whitelisted
2152 iexplore.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
–– –– 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
–– –– 142.250.185.200:443 Google Inc. US suspicious
3800 iexplore.exe 142.250.185.200:443 Google Inc. US suspicious
3800 iexplore.exe 142.250.185.74:443 Google Inc. US whitelisted
–– –– 142.250.185.74:443 Google Inc. US whitelisted
3800 iexplore.exe 18.66.137.127:443 Massachusetts Institute of Technology US unknown
–– –– 18.66.137.127:443 Massachusetts Institute of Technology US unknown
3800 iexplore.exe 45.79.81.62:443 Linode, LLC US unknown
3800 iexplore.exe 104.22.71.197:443 Cloudflare Inc US unknown
3800 iexplore.exe 142.250.186.174:443 Google Inc. US whitelisted
3800 iexplore.exe 142.250.185.195:80 Google Inc. US whitelisted
3800 iexplore.exe 104.21.94.194:443 Cloudflare Inc US unknown
–– –– 142.251.5.156:443 Google Inc. US unknown
–– –– 23.45.105.185:80 Akamai International B.V. NL unknown
3800 iexplore.exe 172.64.160.16:443 Cloudflare Inc US shared
3800 iexplore.exe 18.66.92.70:80 Massachusetts Institute of Technology US unknown
3800 iexplore.exe 52.222.250.112:80 Amazon.com, Inc. US whitelisted
–– –– 52.222.250.112:80 Amazon.com, Inc. US whitelisted
3800 iexplore.exe 2.16.186.8:80 Akamai International B.V. –– whitelisted
3800 iexplore.exe 44.195.137.121:443 University of California, San Diego US suspicious
2152 iexplore.exe 172.64.160.16:443 Cloudflare Inc US shared
–– –– 152.199.19.161:443 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3800 iexplore.exe 142.251.5.157:443 Google Inc. US unknown
2152 iexplore.exe 152.199.19.161:443 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted

DNS requests

Domain IP Reputation
igg-games.com 172.64.160.16, 172.64.161.16 whitelisted
ctldl.windowsupdate.com 2.16.106.186, 2.16.106.171 whitelisted
ocsp.digicert.com 93.184.220.29 shared
api.bing.com 13.107.5.80 whitelisted
www.bing.com 204.79.197.200, 13.107.21.200 whitelisted
crl3.digicert.com 93.184.220.29 shared
www.googletagmanager.com 142.250.185.200 whitelisted
ajax.googleapis.com 142.250.185.74 shared
cdn.fastcomments.com 45.79.81.62 unknown
d1ks8roequxbwa.cloudfront.net 18.66.137.127, 18.66.137.131, 18.66.137.154, 18.66.137.44 whitelisted
ocsp.pki.goog 142.250.185.195 shared
o.ss2.us 18.66.92.70, 18.66.92.28, 18.66.92.73, 18.66.92.207 shared
static.addtoany.com 104.22.71.197, 104.22.70.197, 172.67.39.148 whitelisted
www.google-analytics.com 142.250.186.174 shared
st.bebi.com 104.21.94.194, 172.67.168.161 malicious
stats.g.doubleclick.net 142.251.5.156, 142.251.5.157, 142.251.5.155, 142.251.5.154 whitelisted
r3.o.lencr.org 2.16.186.8, 2.16.186.11 shared
x1.c.lencr.org 23.45.105.185 whitelisted
ocsp.rootg2.amazontrust.com 52.222.250.112, 52.222.250.42, 52.222.250.185, 52.222.250.174 whitelisted
ocsp.rootca1.amazontrust.com 52.222.250.112, 52.222.250.185, 52.222.250.42, 52.222.250.174 whitelisted
hionedaugsbu.info 44.195.137.121, 107.22.28.167 shared
r20swj13mr.microsoft.com 152.199.19.161 whitelisted
iecvlist.microsoft.com 152.199.19.161 whitelisted

Threats

No threats detected.

Debug output strings

No debug info.