https://spankbang.com/s/japanese%20mother/
This report is generated from a file or URL submitted to this webservice on August 21st 2023 01:51:26 (UTC) and action script Default browser analysis
Guest System: Windows 10 64 bit, Professional, 10.0 (build 16299)
Report generated by
Falcon Sandbox v10.2.0 © Hybrid Analysis
Incident Response
Risk Assessment
- Network Behavior
- Contacts 45 domains and 54 hosts.
MITRE ATT&CK™ Techniques Detection
Indicators
Not all malicious and suspicious indicators are displayed.
-
Suspicious Indicators 3
-
Anti-Detection/Stealthyness
-
Possibly checks for the presence of an Antivirus engine
- details
-
""superantispyware.recurly.com"," (Indicator: "superantispyware") in Source: wallet-checkout-eligible-sites.json
""totaldefense.com"," (Indicator: "totaldefense") in Source: wallet-checkout-eligible-sites.json - source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1518.001
-
External Systems
-
Detected Suricata Alert
- details
- Detected alert "ET DNS Query to a *.top domain - Likely Hostile" (SID: 2023883, Rev: 4, Severity: 2) categorized as "Potentially Bad Traffic"
- source
- Suricata Alerts
- relevance
- 10/10
-
Network Related
-
Found potential IP address in binary/memory
- details
-
Potential IP "1.5.75.75" found in string "d="M10 2a8 8 0 110 16 8 8 0 010-16zm0 10.5a.75.75 0 100 1.5.75.75 0 000-1.5zM10 6a.5.5 0 00-.5.41v4.68a.5.5 0 001 0V6.41A.5.5 0 0010 6z""
Potential IP "192.168.1.3" found in string ""192.168.1.3","
Potential IP "192.168.1.1" found in string ""192.168.1.1"," - source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1071
-
Informative 12
-
External Systems
-
Detected Suricata Alert
- details
- Detected alert "ET INFO Microsoft Connection Test" (SID: 2031071, Rev: 4, Severity: 3) categorized as "Misc activity"
- source
- Suricata Alerts
- relevance
- 10/10
-
Sample was identified as clean by Antivirus engines
- details
- 0/78 Antivirus vendors marked sample as malicious (0% detection rate)
- source
- External System
- relevance
- 10/10
-
General
-
Contacts server
- details
-
- source
- Network Traffic
- relevance
- 1/10
- ATT&CK ID
- T1071
-
Creates mutants
- details
-
"SM0:7656:304:WilStaging_02"
"Local\SM0:7656:304:WilStaging_02"
"InternetShortcutMutex"
"SM0:7656:120:WilError_01"
"Local\SM0:7656:120:WilError_01" - source
- Created Mutant
- relevance
- 3/10
-
Found a reference to a known community page
- details
-
Found string ""baysidebuddy.com"," (Indicator: "ebuddy.com"; File: "wallet-pre-stable.json")
Found string ""comeherebuddy.com"," (Indicator: "ebuddy.com"; File: "wallet-pre-stable.json")
Found string ""www.facebook.com"," (Indicator: "facebook.com"; File: "wallet-pre-stable.json")
Found string ""linkedin.com"," (Indicator: "linkedin.com"; File: "wallet-pre-stable.json")
Found string ""paypal.com"," (Indicator: "paypal"; File: "wallet-checkout-eligible-sites.json")
Found string ""netflix.com"," (Indicator: "netflix.com"; File: "wallet-checkout-eligible-sites.json")
Found string ""ads.twitter.com"," (Indicator: "twitter"; File: "wallet-checkout-eligible-sites.json")
Found string ""ipnpb.paypal.com"," (Indicator: "paypal"; File: "wallet-checkout-eligible-sites.json")
Found string ""youtube.com"," (Indicator: "youtube"; File: "wallet-checkout-eligible-sites.json")
Found string ""developer.twitter.com"," (Indicator: "twitter"; File: "wallet-checkout-eligible-sites.json")
Found string ""securepayments.paypal.com"," (Indicator: "paypal"; File: "wallet-checkout-eligible-sites.json")
Found string ""payflowlink.paypal.com"," (Indicator: "paypal"; File: "wallet-checkout-eligible-sites.json")
Found string ""tubebuddy.com"," (Indicator: "ebuddy.com"; File: "wallet-checkout-eligible-sites.json")
Found string ""music.youtube.com"," (Indicator: "youtube"; File: "wallet-checkout-eligible-sites.json") - source
- File/Memory
- relevance
- 2/10
-
Queries DNS server
- details
-
- source
- Network Traffic
- relevance
- 1/10
- ATT&CK ID
- T1071.004
-
Installation/Persistence
-
Dropped files
- details
-
"ff677307-783b-49a6-86ae-e091d898a5ca.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\ff677307-783b-49a6-86ae-e091d898a5ca.tmp]- [targetUID: 00000000-00001512]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\ru\strings.json]- [targetUID: 00000000-00006260]
"da6691a1-99ec-4974-b0cc-9e2a1c10e8a4.tmp" has type "ASCII text with very long lines with no line terminators"- [targetUID: N/A]
"9a18b67d-1495-4f90-8198-e12856616f55.tmp" has type "ASCII text with very long lines with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Network\9a18b67d-1495-4f90-8198-e12856616f55.tmp]- [targetUID: 00000000-00001512]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\ar\strings.json]- [targetUID: 00000000-00006260]
"deny_full_domains.list" has type "data"- Location: [%TEMP%\4660_1949884933\deny_full_domains.list]- [targetUID: 00000000-00004660]
"edge_autofill_global_block_list.json" has type "JSON data"- Location: [%TEMP%\4660_391702275\edge_autofill_global_block_list.json]- [targetUID: 00000000-00006992]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\ja\strings.json]- [targetUID: 00000000-00006260]
"typosquatting_list.pb" has type "data"- Location: [%TEMP%\4660_142541280\typosquatting_list.pb]- [targetUID: 00000000-00006128]
"47e9b7b5-0742-466a-9c33-97b869ef078c.tmp" has type "gzip compressed data from FAT filesystem (MS-DOS OS/2 NT) original size modulo 2^32 12260"- Location: [%TEMP%\47e9b7b5-0742-466a-9c33-97b869ef078c.tmp]- [targetUID: 00000000-00006848]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\fr\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\de\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\pt-PT\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\nl\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\id\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\it\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\es\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\pt-BR\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\sv\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\en-GB\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\zh-Hans\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\zh-Hant\strings.json]- [targetUID: 00000000-00006260]
"f6a4f247dbf4d697c26b375e3580d6053baf25f5.tbres" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\TokenBroker\Cache\f6a4f247dbf4d697c26b375e3580d6053baf25f5.tbres]- [targetUID: 00000000-00004660]
"adblock_snippet.js" has type "ASCII text with very long lines with no line terminators"- Location: [%TEMP%\4660_1281401267\adblock_snippet.js]- [targetUID: 00000000-00007880]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-tokenized-card\es\strings.json]- [targetUID: 00000000-00006260]
"runtime.bundle.js" has type "ASCII text with very long lines with no line terminators"- [targetUID: N/A]
"wallet-crypto.html" has type "HTML document ASCII text with very long lines"- Location: [%TEMP%\4660_438256467\wallet-crypto.html]- [targetUID: 00000000-00004660]
"wallet.html" has type "HTML document ASCII text with very long lines"- [targetUID: N/A]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-tokenized-card\zh-Hant\strings.json]- [targetUID: 00000000-00006260]
"wallet-drawer.html" has type "HTML document ASCII text with very long lines"- [targetUID: N/A]
"vendor.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"wallet-drawer.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"verified_contents.json" has type "JSON data"- Location: [%TEMP%\4660_142541280\_metadata\verified_contents.json]- [targetUID: 00000000-00006128]
"bnpl.bundle.js.LICENSE.txt" has type "ASCII text"- Location: [%TEMP%\4660_438256467\bnpl\bnpl.bundle.js.LICENSE.txt]- [targetUID: 00000000-00006260]
"tokenized-card.html" has type "HTML document ASCII text with very long lines"- Location: [%TEMP%\4660_438256467\Tokenized-Card\tokenized-card.html]- [targetUID: 00000000-00006260]
"bnpl.html" has type "HTML document ASCII text with very long lines"- Location: [%TEMP%\4660_438256467\bnpl\bnpl.html]- [targetUID: 00000000-00006260]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log]- [targetUID: 00000000-00006552]
"load-hub-i18n.bundle.js" has type "ASCII text with very long lines with no line terminators"- [targetUID: N/A]
"tokenized-card.bundle.js.LICENSE.txt" has type "ASCII text"- Location: [%TEMP%\4660_438256467\Tokenized-Card\tokenized-card.bundle.js.LICENSE.txt]- [targetUID: 00000000-00004660]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log]- [targetUID: 00000000-00006552]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Extension State\000003.log]- [targetUID: 00000000-00006552]
"hub-signature.txt" has type "ASCII text with very long lines with no line terminators"- Location: [%TEMP%\4660_438256467\hub-signature.txt]- [targetUID: 00000000-00006260]
"wallet-notification-config.json" has type "ASCII text"- [targetUID: N/A]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG]- [targetUID: 00000000-00006552]
"deny_etld1_domains.list" has type "data"- Location: [%TEMP%\4660_1949884933\deny_etld1_domains.list]- [targetUID: 00000000-00004660]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG]- [targetUID: 00000000-00006552]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Platform Notifications\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG]- [targetUID: 00000000-00006552]
"77EC63BDA74BD0D0E0426DC8F8008506" has type "data"- Location: [%LOCALAPPDATA%\ow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506]- [targetUID: 00000000-00004660]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Extension Scripts\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Extension State\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Session Storage\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\shared_proto_db\LOG]- [targetUID: 00000000-00006552]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG]- [targetUID: 00000000-00006552]
"notification_fast.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"LOG" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\File System\Origins\LOG]- [targetUID: 00000000-00006552]
"settings.dat" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Crashpad\settings.dat]- [targetUID: 00000000-00005600]
"81662ada2251fa7c_0" has type "data"- [targetUID: N/A]
"e80cf1cf0d8cd1e5_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\e80cf1cf0d8cd1e5_0]- [targetUID: 00000000-00004660]
"91a0e917ad0abd1d_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\91a0e917ad0abd1d_0]- [targetUID: 00000000-00004660]
"4672785f5b017f07_0" has type "data"- [targetUID: N/A]
"58fa1b3e5c7e4630_0" has type "data"- [targetUID: N/A]
"35468fcd151c96df_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\35468fcd151c96df_0]- [targetUID: 00000000-00004660]
"8b081ea79d2e4b6a_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\8b081ea79d2e4b6a_0]- [targetUID: 00000000-00004660]
"29733ac8896deccc_0" has type "data"- [targetUID: N/A]
"4f0ba461d3a254a3_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\4f0ba461d3a254a3_0]- [targetUID: 00000000-00004660]
"9d8d468a6da17618_0" has type "data"- [targetUID: N/A]
"c1eb9298af6cad0e_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\c1eb9298af6cad0e_0]- [targetUID: 00000000-00004660]
"ce109ec3368f324c_0" has type "data"- [targetUID: N/A]
"a3918791611a29e4_0" has type "data"- [targetUID: N/A]
"7f3b4434b10b106a_0" has type "data"- [targetUID: N/A]
"bd4f545b6128b495_0" has type "data"- [targetUID: N/A]
"9f9e38cff455e504_0" has type "data"- [targetUID: N/A]
"3d93b918591c8cd0_0" has type "data"- [targetUID: N/A]
"8c689325d360af82_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\8c689325d360af82_0]- [targetUID: 00000000-00004660]
"ae678fc5f684eaa4_0" has type "data"- [targetUID: N/A]
"dc3e71bef044c721_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\dc3e71bef044c721_0]- [targetUID: 00000000-00004660]
"a4c008432b227523_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\a4c008432b227523_0]- [targetUID: 00000000-00004660]
"ff5f14a0b15d690d_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\ff5f14a0b15d690d_0]- [targetUID: 00000000-00004660]
"4887119be0ef0ba1_0" has type "data"- [targetUID: N/A]
"41a74cb0b39b7ed6_0" has type "data"- [targetUID: N/A]
"b6ca4a0b779b491d_0" has type "data"- [targetUID: N/A]
"f4ad00abcfb5f520_0" has type "data"- [targetUID: N/A]
"57f33eadb94bbc0d_0" has type "data"- [targetUID: N/A]
"a65e8ac1c37a1e61_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\a65e8ac1c37a1e61_0]- [targetUID: 00000000-00004660]
"11041887b6de949b_0" has type "data"- [targetUID: N/A]
"72949656bd434558_0" has type "data"- [targetUID: N/A]
"12473002c482e146_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\12473002c482e146_0]- [targetUID: 00000000-00004660]
"b8956917b2a37f2e_0" has type "data"- [targetUID: N/A]
"26635f3284de4728_0" has type "data"- [targetUID: N/A]
"bcf1fec46ce0de50_0" has type "data"- [targetUID: N/A]
"c10ee2453bc5f714_0" has type "data"- [targetUID: N/A]
"fbfa452dda6426e6_0" has type "data"- [targetUID: N/A]
"0b317ec7dad584a6_0" has type "data"- [targetUID: N/A]
"d9e73961eb77466f_0" has type "data"- [targetUID: N/A]
"2d79308b2162bc08_0" has type "data"- [targetUID: N/A]
"2dbfec56d75718f9_0" has type "data"- [targetUID: N/A]
"59aedb2d918ff1ee_0" has type "data"- [targetUID: N/A]
"2a6a087ab2b03f4a_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\2a6a087ab2b03f4a_0]- [targetUID: 00000000-00004660]
"945dd6c970ccb041_0" has type "data"- [targetUID: N/A]
"2341b670bba449c9_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\2341b670bba449c9_0]- [targetUID: 00000000-00004660]
"459283cbd7be647b_0" has type "data"- [targetUID: N/A]
"e1868486655e9668_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\e1868486655e9668_0]- [targetUID: 00000000-00004660]
"dad91cb57420d733_0" has type "data"- [targetUID: N/A]
"84dc3aef7ee484b4_0" has type "data"- [targetUID: N/A]
"29394e63847ab028_0" has type "data"- [targetUID: N/A]
"d4a93d099cf27101_0" has type "data"- [targetUID: N/A]
"2a789b778739bbd1_0" has type "data"- [targetUID: N/A]
"6e7ffd4fef8cf5ef_0" has type "data"- [targetUID: N/A]
"d3cc71bfed89f8d2_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\d3cc71bfed89f8d2_0]- [targetUID: 00000000-00004660]
"7221218eda7c7999_0" has type "data"- [targetUID: N/A]
"d61f5ce137d943c6_0" has type "data"- [targetUID: N/A]
"33ccd9b381238735_0" has type "data"- [targetUID: N/A]
"3d9263b0da298a6b_0" has type "data"- [targetUID: N/A]
"42f94c35a0fc8f1a_0" has type "data"- [targetUID: N/A]
"c0675d1cbc6fd376_0" has type "data"- [targetUID: N/A]
"bffd2bb9b4bd3e60_0" has type "data"- [targetUID: N/A]
"23ea4334ba590c37_0" has type "data"- [targetUID: N/A]
"3a1710a2ebfa9500_0" has type "data"- [targetUID: N/A]
"9bc2ca6a0706b5da_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\9bc2ca6a0706b5da_0]- [targetUID: 00000000-00004660]
"regex_patterns.json" has type "JSON data"- Location: [%TEMP%\4660_391702275\regex_patterns.json]- [targetUID: 00000000-00006992]
"b18240c1a855d9aa_0" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Code Cache\js\b18240c1a855d9aa_0]- [targetUID: 00000000-00004660]
"manifest.json" has type "JSON data"- Location: [%TEMP%\4660_1949884933\manifest.json]- [targetUID: 00000000-00007496]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\File System\Origins\000003.log]- [targetUID: 00000000-00006552]
"manifest.json" has type "UTF-8 Unicode (with BOM) text with CRLF line terminators"- Location: [%TEMP%\4660_1210463552\manifest.json]- [targetUID: 00000000-00007496]
"manifest.json" has type "UTF-8 Unicode (with BOM) text with CRLF line terminators"- [targetUID: 00000000-00007496]
"crypto.bundle.js" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\crypto.bundle.js]- [targetUID: 00000000-00006260]
"Last Browser" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Last Browser]- [targetUID: 00000000-00004660]
"manifest.json" has type "UTF-8 Unicode (with BOM) text with CRLF line terminators"- Location: [%TEMP%\4660_391702275\manifest.json]- [targetUID: 00000000-00007496]
"manifest.json" has type "JSON data"- Location: [%TEMP%\4660_1281401267\manifest.json]- [targetUID: 00000000-00007496]
"manifest.json" has type "JSON data"- Location: [%TEMP%\4660_1140849887\manifest.json]- [targetUID: 00000000-00007496]
"README.md" has type "ASCII text"- [targetUID: N/A]
"Variations" has type "JSON data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Variations]- [targetUID: 00000000-00004660]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log]- [targetUID: 00000000-00006552]
"manifest.json" has type "JSON data"- Location: [%TEMP%\4660_142541280\manifest.json]- [targetUID: 00000000-00007496]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_1210463552\manifest.fingerprint]- [targetUID: 00000000-00004660]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_1140849887\manifest.fingerprint]- [targetUID: 00000000-00004660]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_391702275\manifest.fingerprint]- [targetUID: 00000000-00004660]
"manifest.fingerprint" has type "ASCII text with no line terminators"- [targetUID: 00000000-00004660]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\manifest.fingerprint]- [targetUID: 00000000-00004660]
"manifest.fingerprint" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_1281401267\manifest.fingerprint]- [targetUID: 00000000-00004660]
".ses" has type "ASCII text with CRLF line terminators"- Location: [%TEMP%\.ses]- [targetUID: 00000000-00004660]
"MANIFEST-000001" has type "PGP Secret Key -"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\File System\Origins\MANIFEST-000001]- [targetUID: 00000000-00004660]
"app-setup.js" has type "ASCII text with no line terminators"- [targetUID: 00000000-00006260]
"000003.log" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log]- [targetUID: 00000000-00006552]
"000001.dbtmp" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\File System\Origins\000001.dbtmp]- [targetUID: 00000000-00004660]
"Last Version" has type "ASCII text with no line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Last Version]- [targetUID: 00000000-00004660]
"strings.json" has type "ASCII text with no line terminators"- [targetUID: 00000000-00006260]
"5998c6c7-ee49-45f5-a062-4c3206acbd10.tmp" has type "very short file (no magic)"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\5998c6c7-ee49-45f5-a062-4c3206acbd10.tmp]- [targetUID: 00000000-00004660]
"data_1" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1]- [targetUID: 00000000-00001512]
"LICENSE" has type "ASCII text with CRLF line terminators"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\35\scoped_dir4660_1877046014\LICENSE]- [targetUID: 00000000-00007880]
"f_0004ec" has type "gzip compressed data from Unix original size modulo 2^32 61199"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ec]- [targetUID: 00000000-00001512]
"f_0004ca" has type "data"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0004ca]- [targetUID: 00000000-00001512]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-mobile-hub\fr-CA\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "JSON data"- Location: [%TEMP%\4660_438256467\json\i18n-tokenized-card\fr-CA\strings.json]- [targetUID: 00000000-00006260]
"notification.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"miniwallet.bundle.js.LICENSE.txt" has type "ASCII text"- Location: [%TEMP%\4660_438256467\Mini-Wallet\miniwallet.bundle.js.LICENSE.txt]- [targetUID: 00000000-00004660]
"MANIFEST-000001" has type "PGP Secret Key -"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001]- [targetUID: 00000000-00004660]
"app-setup.js" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\app-setup.js]- [targetUID: 00000000-00006260]
"000001.dbtmp" has type "ASCII text"- Location: [%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp]- [targetUID: 00000000-00004660]
"strings.json" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\json\i18n-notification\zh-Hant\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\json\i18n-notification\ar\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\json\i18n-notification\en-GB\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\json\i18n-notification\de\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\json\i18n-notification\nl\strings.json]- [targetUID: 00000000-00006260]
"strings.json" has type "ASCII text with no line terminators"- Location: [%TEMP%\4660_438256467\json\i18n-notification\es\strings.json]- [targetUID: 00000000-00006260] - source
- Binary File
- relevance
- 3/10
- ATT&CK ID
- T1105
-
Drops a license file
- details
-
"vendor.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"wallet-drawer.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"bnpl.bundle.js.LICENSE.txt" has type "ASCII text"- Location: [%TEMP%\4660_438256467\bnpl\bnpl.bundle.js.LICENSE.txt]- [targetUID: 00000000-00006260]
"tokenized-card.bundle.js.LICENSE.txt" has type "ASCII text"- Location: [%TEMP%\4660_438256467\Tokenized-Card\tokenized-card.bundle.js.LICENSE.txt]- [targetUID: 00000000-00004660]
"notification_fast.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"notification.bundle.js.LICENSE.txt" has type "ASCII text"- [targetUID: N/A]
"miniwallet.bundle.js.LICENSE.txt" has type "ASCII text"- Location: [%TEMP%\4660_438256467\Mini-Wallet\miniwallet.bundle.js.LICENSE.txt]- [targetUID: 00000000-00004660]
- source
- Binary File
- relevance
- 1/10
- ATT&CK ID
- T1083
-
Dropped files
-
Network Related
-
Contacts random domain names
- details
-
"cdnjs.cloudflare.com" seems to be random
"hls-uranus.sb-cd.com" seems to be random
"report-uri.mmcdn.com" seems to be random
"s3.cherry.tv" seems to be random
"video.ktkjmp.com" seems to be random
- source
- Network Traffic
- relevance
- 5/10
- ATT&CK ID
- T1071.001
-
Found mail related domain names
- details
-
- source
- File/Memory
- relevance
- 1/10
- ATT&CK ID
- T1071.003
-
Found potential URL in binary/memory
- details
-
Pattern match: "lps.iluvestreaming.com/_next/static/chunks/framework-79bce4a3a540b080.js"
Pattern match: "lps.iluvestreaming.com/_next/static/chunks/29107295-4a69275373f23f88.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/428-react-7da8cfffb197512b615f.js"
Pattern match: "lps.iluvestreaming.com/_next/static/chunks/webpack-e492080c1460dac8.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/681-react-c811f535a33e39eb1f3e.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/619-prod-8433445512200e6e8097.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/788-prod-769049592fd7f9fd42b5.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/746-prod-065967daec25dd7cba49.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/854-prod-402ae7ded9845ae9c021.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/635-prod-709b467edea14d63ce1c.js"
Pattern match: "static-assets.highwebmedia.com/cachebust/61-react-af1a43b1f9d9251beb62.js"
Pattern match: "js-agent.newrelic.com/page_view_timing-aggregate.7b2a53ee-1.237.1.min.js"
Pattern match: "js-agent.newrelic.com/page_view_event-aggregate.4988d952-1.237.1.min.js"
Pattern match: "lps.iluvestreaming.com/_next/static/chunks/main-a7fd6ff2f06d41d6.js"
Pattern match: "lps.iluvestreaming.com/_next/static/chunks/7816-f2af6d83308d777e.js"
Pattern match: "static-assets.highwebmedia.com/jsi18n/en/djangojs.js?hash=38df9dee7d2c"
Pattern match: "js-agent.newrelic.com/session_trace-aggregate.ac30a1f3-1.237.1.min.js"
Pattern match: "creative.xlviirdr.com/widgets/Spot/vendors~hls.ac6c6376a4f6d2484d91.js"
Pattern match: "js-agent.newrelic.com/page_action-aggregate.467f8594-1.237.1.min.js"
Pattern match: "hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js"
Pattern match: "static-assets.highwebmedia.com/vendor/fingerprintjs-pro-cb.min.js"
Pattern match: "js-agent.newrelic.com/lazy-feature-loader.c1052c27-1.237.1.min.js"
Pattern match: "js-agent.newrelic.com/jserrors-aggregate.319b8300-1.237.1.min.js"
Pattern match: "js-agent.newrelic.com/metrics-aggregate.b86cefcf-1.237.1.min.js"
Pattern match: "static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js"
Pattern match: "static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js"
Pattern match: "static-assets.highwebmedia.com/CACHE/js/output.a6262276739d.js"
Pattern match: "static-assets.highwebmedia.com/CACHE/js/output.14a236a94bf9.js"
Pattern match: "static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js"
Pattern match: "static-assets.highwebmedia.com/CACHE/js/output.21e4d7885076.js"
Pattern match: "static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js"
Pattern match: "js-agent.newrelic.com/session-manager.d080e4cc-1.237.1.min.js"
Pattern match: "js-agent.newrelic.com/ajax-aggregate.d95c640e-1.237.1.min.js"
Pattern match: "js-agent.newrelic.com/spa-aggregate.550eec7b-1.237.1.min.js"
Pattern match: "cdnjs.cloudflare.com/ajax/libs/video.js/7.18.1/video.min.js"
Pattern match: "cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"
Pattern match: "js-agent.newrelic.com/async-api.e9f77430-1.237.1.min.js"
Pattern match: "www.googletagmanager.com/gtag/js?id=G-2LDH4M9FT8"
Pattern match: "ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js"
Pattern match: "js-agent.newrelic.com/860.95a91211-1.237.1.min.js"
Pattern match: "js-agent.newrelic.com/646.9e7a6b8d-1.237.1.min.js"
Pattern match: "spankbang.com/javascript/translation/51az/en.js"
Pattern match: "creative.xlviirdr.com/widgets/Spot/lib.js"
Pattern match: "a.bestcontentfood.top/warp/4786039?r=36466"
Pattern match: "www.google-analytics.com/analytics.js"
Pattern match: "lcdn.tsyndicate.com/sdk/v1/b.b.js"
Pattern match: "deliver.ptgncdn.com/5a47a834.js"
Heuristic match: "a.adtng.com"
Heuristic match: "a.bestcontentfood.top"
Heuristic match: "assets.sb-cd.com"
Heuristic match: "b-hls-18.doppiocdn.org"
Heuristic match: "b.bestcontentindustry.top"
Heuristic match: "bam.nr-data.net"
Heuristic match: "c.ptgncdn.com"
Heuristic match: "cbjpeg.stream.highwebmedia.com"
Heuristic match: "cdn3.bestcontentindustry.top"
Heuristic match: "cdnjs.cloudflare.com"
Heuristic match: "chaturbate.com"
Heuristic match: "creative.xlviirdr.com"
Heuristic match: "deliver.ptgncdn.com"
Heuristic match: "desire2do3675.spankbang.com"
Heuristic match: "edge-hls.doppiocdn.org"
Heuristic match: "edge11-sea.live.mmcdn.com"
Heuristic match: "fonts.googleapis.com"
Heuristic match: "fonts.gstatic.com"
Heuristic match: "go.xlviirdr.com"
Heuristic match: "hls-uranus.sb-cd.com"
Heuristic match: "ht-cdn2.adtng.com"
Heuristic match: "hw-cdn2.adtng.com"
Heuristic match: "img.strpst.com"
Heuristic match: "js-agent.newrelic.com"
Heuristic match: "lcdn.tsyndicate.com"
Heuristic match: "lps.iluvestreaming.com"
Heuristic match: "pxl.tsyndicate.com"
Heuristic match: "realtime.pa.highwebmedia.com"
Heuristic match: "ref.cherry.tv"
Heuristic match: "report-uri.mmcdn.com"
Heuristic match: "s3.cherry.tv"
Heuristic match: "spankbang.com"
Heuristic match: "static-assets.highwebmedia.com"
Heuristic match: "static-pub.highwebmedia.com"
Heuristic match: "static.cloudflareinsights.com"
Heuristic match: "static.spankbang.com"
Heuristic match: "stats.postgen.com"
Heuristic match: "tb.sb-cd.com"
Heuristic match: "tbi.sb-cd.com"
Heuristic match: "tsyndicate.com"
Heuristic match: "video.ktkjmp.com"
Pattern match: "www.bing.com"
Heuristic match: "xlivesex.com"
Pattern match: "https://reactjs.org/docs/error-decoder.html?invariant=+e,o=1;o"
Pattern match: "http://www.w3.org/2000/svg"
Pattern match: "http://www.w3.org/2000/svg};class"
Pattern match: "www.klarna.com"
Pattern match: "www.google.com"
Pattern match: "www.gstatic.com"
Pattern match: "www.transunion.com"
Pattern match: "www.googletagmanager.com"
Pattern match: "www.facebook.com"
Pattern match: "www.googleadservices.com"
Pattern match: "www.gap.com"
Pattern match: "www.gapfactory.com"
Pattern match: "www2.hm.com"
Pattern match: "www.gapcanada.ca"
Pattern match: "www2.factoryoutletstore.com"
Pattern match: "www2.invoicecloud.com"
Pattern match: "www1.ussailing.org"
Pattern match: "www2.doggysuperfoods.com"
Pattern match: "www1.agenciatributaria.gob.es"
Pattern match: "www9.agenciatributaria.gob.es"
Pattern match: "www.vaxvacationaccess.com"
Pattern match: "www2.promap.co.uk"
Pattern match: "www2.correios.com.br"
Pattern match: "www2.stanlycountync.gov"
Pattern match: "www2.registerblast.com"
Pattern match: "www5.maine.gov"
Pattern match: "www2.haircarerefined.com"
Pattern match: "www2.tonyprotein.com"
Pattern match: "www2.vinesse.com"
Pattern match: "www5.ibackup.com"
Pattern match: "www3.thedatabank.com"
Pattern match: "www2.helminc.com"
Pattern match: "www2.unifyhealthlabs.com"
Pattern match: "www3.benefitsolver.com"
Pattern match: "www1.nobexpartners.com"
Pattern match: "www6.agenciatributaria.gob.es"
Pattern match: "www2.kintsugihair.com"
Pattern match: "www2.lectinblocker.com"
Pattern match: "www1.hhrd.org"
Pattern match: "www6.lifeatworkportal.com"
Pattern match: "www3.mutualofomaha.com"
Pattern match: "www3.masterwriter.com"
Pattern match: "www1.carey.com"
Pattern match: "www2.gundrymdtotalrestore.com"
Pattern match: "www2.ymtvacations.com"
Pattern match: "www2.invisicrepe.com"
Pattern match: "www2.americanprofessional.com"
Pattern match: "www2.ambrose.edu"
Pattern match: "www1.netfirms.com"
Pattern match: "www2.agenciatributaria.gob.es"
Pattern match: "www1.12cloudpayroll.com"
Pattern match: "www2.bwproducers.com"
Pattern match: "www2.bhdpanama.com"
Pattern match: "www2.fl-dcf.org"
Pattern match: "www3.sylectus.com"
Pattern match: "www1.iaproducers.com"
Pattern match: "www1.mydomain.com"
Pattern match: "www1.payroo.com"
Pattern match: "www40.polyu.edu.hk"
Pattern match: "www2.csebo.it"
Pattern match: "www3.subcontrataley.cl"
Pattern match: "www4.texashealth.org"
Pattern match: "www2.drmartypets.com"
Pattern match: "https://reactjs.org/docs/error-decoder.html?invariant=+e,i=1;i"
Pattern match: "https://aka.ms/EdgeSaveCardFAQ,gs.UseVirtualCardLearnMore=https://aka.ms/EdgeVirtualCardFAQ,gs.WalletSettings=edge://wallet/settings,gs.microsoftRewardsDashboardURL=https://rewards.microsoft.com/,gs.microsoftRewardsRedeemURL=https://rewards.microso" - source
- File/Memory
- relevance
- 3/10
- ATT&CK ID
- T1071 (Show technique in the MITRE ATT&CK™ matrix)
-
Contacts random domain names
-
Unusual Characteristics
-
Detected known bank URL artifact
- details
- source
- File/Memory
- relevance
- 2/10
Session Details
No relevant data available.
Hybrid Analysis
Analysed 37 processes in total.
-
rundll32.exe
"%WINDIR%\system32\ieframe.dll",OpenURL C:\sample.url
(PID: 7656)
-
msedge.exe
--single-argument https://spankbang.com/s/japanese%20mother/
(PID: 4660)
- msedge.exe --type=crashpad-handler "--user-data-dir=%LOCALAPPDATA%\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=%LOCALAPPDATA%\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=107.0.5304.110 "--annotation=exe=%PROGRAMFILES%\(x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=107.0.1418.56 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0x74,0x7ff9341ab208,0x7ff9341ab218,0x7ff9341ab228 (PID: 5600)
- msedge.exe --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:2 (PID: 6868)
- msedge.exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1948 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:3 (PID: 1512)
- msedge.exe --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1776 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 6552)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1155129719 --mojo-platform-channel-handle=3164 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 7224)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1155427631 --mojo-platform-channel-handle=3188 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 7440)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3520 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 5516)
- msedge.exe --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3616 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 2124)
- msedge.exe --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1156263367 --mojo-platform-channel-handle=3684 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 7064)
- msedge.exe --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1156538416 --mojo-platform-channel-handle=3708 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 5124)
- msedge.exe --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1156832261 --mojo-platform-channel-handle=3628 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 5252)
- msedge.exe --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1157130414 --mojo-platform-channel-handle=3840 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 6128)
- msedge.exe --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1157406924 --mojo-platform-channel-handle=3696 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 6848)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5696 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 7368)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6592 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 8184)
- msedge.exe --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6904 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 8120)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6724 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 6684)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1159807897 --mojo-platform-channel-handle=7028 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 8024)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1160515914 --mojo-platform-channel-handle=7396 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 8004)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1160830092 --mojo-platform-channel-handle=7384 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 8128)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1161110583 --mojo-platform-channel-handle=7388 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 2376)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1161399637 --mojo-platform-channel-handle=7496 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 396)
- msedge.exe --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=7988 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 508)
- msedge.exe --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --time-ticks-at-unix-epoch=-1692606937782111 --launch-time-ticks=1163156260 --mojo-platform-channel-handle=8436 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:1 (PID: 6508)
- msedge.exe --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5116 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 3852)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6656 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 7496)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6336 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 6992)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6580 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 7880)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6924 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 5724)
- msedge.exe --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.16299.192 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6420 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:2 (PID: 7432)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6100 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 6260)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8292 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 4400)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6428 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 7896)
- msedge.exe --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8344 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 6500)
- msedge.exe --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2424 --field-trial-handle=2080,i,16734805180343351272,18377156473789725962,131072 /prefetch:8 (PID: 5012)
Network Analysis
DNS Requests
Contacted Hosts
HTTP Traffic
No relevant HTTP requests were made.
Suricata Alerts
Event | Category | Description | SID |
---|---|---|---|
local -> 8.8.8.8:53 (UDP) | Potentially Bad Traffic | ET DNS Query to a *.top domain - Likely Hostile | 2023883 |
local -> 184.30.148.170:80 (TCP) | Misc activity | ET INFO Microsoft Connection Test | 2031071 |
Extracted Strings
Extracted Files
Displaying 50 extracted file(s). The remaining 368 file(s) are available in the full version and XML/JSON reports.
Notifications
-
Runtime
- Not all IP/URL string resources were checked online
- Not all created files are visible for msedge.exe (PID: 4660)
- Not all file accesses are visible for msedge.exe (PID: 1512)
- Not all file accesses are visible for msedge.exe (PID: 2124)
- Not all file accesses are visible for msedge.exe (PID: 2376)
- Not all file accesses are visible for msedge.exe (PID: 3852)
- Not all file accesses are visible for msedge.exe (PID: 396)
- Not all file accesses are visible for msedge.exe (PID: 4400)
- Not all file accesses are visible for msedge.exe (PID: 4660)
- Not all file accesses are visible for msedge.exe (PID: 5012)
- Not all file accesses are visible for msedge.exe (PID: 508)
- Not all file accesses are visible for msedge.exe (PID: 5124)
- Not all file accesses are visible for msedge.exe (PID: 5252)
- Not all file accesses are visible for msedge.exe (PID: 5516)
- Not all file accesses are visible for msedge.exe (PID: 5600)
- Not all file accesses are visible for msedge.exe (PID: 5724)
- Not all file accesses are visible for msedge.exe (PID: 6128)
- Not all file accesses are visible for msedge.exe (PID: 6260)
- Not all file accesses are visible for msedge.exe (PID: 6500)
- Not all file accesses are visible for msedge.exe (PID: 6508)
- Not all file accesses are visible for msedge.exe (PID: 6552)
- Not all file accesses are visible for msedge.exe (PID: 6684)
- Not all file accesses are visible for msedge.exe (PID: 6848)
- Not all file accesses are visible for msedge.exe (PID: 6868)
- Not all file accesses are visible for msedge.exe (PID: 6992)
- Not all file accesses are visible for msedge.exe (PID: 7064)
- Not all file accesses are visible for msedge.exe (PID: 7224)
- Not all file accesses are visible for msedge.exe (PID: 7368)
- Not all file accesses are visible for msedge.exe (PID: 7432)
- Not all file accesses are visible for msedge.exe (PID: 7440)
- Not all file accesses are visible for msedge.exe (PID: 7496)
- Not all file accesses are visible for msedge.exe (PID: 7880)
- Not all file accesses are visible for msedge.exe (PID: 7896)
- Not all file accesses are visible for msedge.exe (PID: 8004)
- Not all file accesses are visible for msedge.exe (PID: 8024)
- Not all file accesses are visible for msedge.exe (PID: 8120)
- Not all file accesses are visible for msedge.exe (PID: 8128)
- Not all file accesses are visible for msedge.exe (PID: 8184)
- Some low-level data is hidden, as this is only a slim report
- This URL analysis has missing honeyclient data
- Not all sources for indicator ID "mutant-0" are available in the report
- Not all sources for indicator ID "network-1" are available in the report
- Not all sources for indicator ID "network-51" are available in the report
- Not all sources for indicator ID "string-23" are available in the report
- Not all sources for indicator ID "string-169" are available in the report