Analysis
-
max time kernel
149s -
max time network
131s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system -
submitted
26/12/2023, 15:51 UTC
Static task
static1
Behavioral task
behavioral1
Sample
7a618dc69ecc982efadd2ef80c4b8013.js
Resource
win7-20231215-en
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
7a618dc69ecc982efadd2ef80c4b8013.js
Resource
win10v2004-20231215-en
0 signatures
150 seconds
General
-
Target
7a618dc69ecc982efadd2ef80c4b8013.js
-
Size
14KB
-
MD5
7a618dc69ecc982efadd2ef80c4b8013
-
SHA1
5ca1592e7d1d2d39cdcb62289ded631ba70c5282
-
SHA256
e511eb3c2cbecd1c9f8c5f3c8a1e8f97db9e530213f85dbf386c70f2a3cfb937
-
SHA512
0ae21bf5e42d2d7c52a46ef9f339ce34871ae45d64ea92d4d0be621eb03c9eafaa1d3adf37dff095a1904131c54ebacee91825c6410cc46308febc8dd3b04bd2
-
SSDEEP
384:Wnfk3H8snY4JEhsyyvdVHVdwVMVvpVeLOFlZwZdXmV4Ku:WnfkjImeLOFlGnXmV4Ku
Score
1/10
Malware Config
Signatures
Processes
Network
-
Remote address:8.8.8.8:53Request2.136.104.51.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request68.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request180.178.17.96.in-addr.arpaIN PTRResponse180.178.17.96.in-addr.arpaIN PTRa96-17-178-180deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request180.178.17.96.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request241.154.82.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request241.154.82.20.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request103.169.127.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request103.169.127.40.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request41.110.16.96.in-addr.arpaIN PTRResponse41.110.16.96.in-addr.arpaIN PTRa96-16-110-41deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request59.128.231.4.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request59.128.231.4.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request56.126.166.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request56.126.166.20.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request56.126.166.20.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request104.241.123.92.in-addr.arpaIN PTRResponse104.241.123.92.in-addr.arpaIN PTRa92-123-241-104deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request119.110.54.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request174.178.17.96.in-addr.arpaIN PTRResponse174.178.17.96.in-addr.arpaIN PTRa96-17-178-174deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request174.178.17.96.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request64.134.221.88.in-addr.arpaIN PTRResponse64.134.221.88.in-addr.arpaIN PTRa88-221-134-64deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request64.134.221.88.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request32.134.221.88.in-addr.arpaIN PTRResponse32.134.221.88.in-addr.arpaIN PTRa88-221-134-32deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request178.223.142.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request178.223.142.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request176.178.17.96.in-addr.arpaIN PTRResponse176.178.17.96.in-addr.arpaIN PTRa96-17-178-176deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request176.178.17.96.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN A
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301665_1S4CNP8PR7TX8NHG9&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301665_1S4CNP8PR7TX8NHG9&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 374639
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43C97D4FB77C4C2B8CCFE04DF0B0EC51 Ref B: LON04EDGE1109 Ref C: 2023-12-28T04:03:43Z
date: Thu, 28 Dec 2023 04:03:42 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301633_110EXF4Z7ZKXDIEIX&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301633_110EXF4Z7ZKXDIEIX&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 328393
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 192B44167C6A443FB6D0B6B65B0CE01E Ref B: LON04EDGE1109 Ref C: 2023-12-28T04:03:43Z
date: Thu, 28 Dec 2023 04:03:42 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301103_1AT2QBQ1Q6ANODZ4C&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301103_1AT2QBQ1Q6ANODZ4C&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 301075
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CAB5EB5396347BE84003EE36E5FFF0D Ref B: LON04EDGE1109 Ref C: 2023-12-28T04:03:43Z
date: Thu, 28 Dec 2023 04:03:42 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301224_1J28RV4KN5VDAG7RX&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301224_1J28RV4KN5VDAG7RX&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 356325
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD559C71DFEF4F07A7FA3304EE551366 Ref B: LON04EDGE1109 Ref C: 2023-12-28T04:03:43Z
date: Thu, 28 Dec 2023 04:03:42 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301256_1KGERJE9NLTBHW1IO&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301256_1KGERJE9NLTBHW1IO&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 470736
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A46CFF73F22745CD916C52C1CDCF7741 Ref B: LON04EDGE1109 Ref C: 2023-12-28T04:03:43Z
date: Thu, 28 Dec 2023 04:03:42 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301536_1KEHL2APX3BZOFBAK&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301536_1KEHL2APX3BZOFBAK&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
-
Remote address:8.8.8.8:53Request88.156.103.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request88.156.103.20.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request90.135.221.88.in-addr.arpaIN PTRResponse90.135.221.88.in-addr.arpaIN PTRa88-221-135-90deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request90.135.221.88.in-addr.arpaIN PTRResponse90.135.221.88.in-addr.arpaIN PTRa88-221-135-90deploystaticakamaitechnologiescom
-
-
-
-
1.3kB 10.9kB 17 13
-
1.3kB 10.5kB 17 14
-
1.3kB 8.3kB 16 13
-
1.3kB 8.2kB 16 13
-
204.79.197.200:443https://tse1.mm.bing.net/th?id=OADD2.10239317301536_1KEHL2APX3BZOFBAK&pid=21.2&w=1080&h=1920&c=4tls, http247.7kB 1.3MB 976 971
HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301665_1S4CNP8PR7TX8NHG9&pid=21.2&w=1080&h=1920&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301633_110EXF4Z7ZKXDIEIX&pid=21.2&w=1080&h=1920&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301103_1AT2QBQ1Q6ANODZ4C&pid=21.2&w=1920&h=1080&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301224_1J28RV4KN5VDAG7RX&pid=21.2&w=1920&h=1080&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301256_1KGERJE9NLTBHW1IO&pid=21.2&w=1920&h=1080&c=4HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301536_1KEHL2APX3BZOFBAK&pid=21.2&w=1080&h=1920&c=4HTTP Response
200 -
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
71 B 157 B 1 1
DNS Request
2.136.104.51.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
68.32.126.40.in-addr.arpa
-
144 B 137 B 2 1
DNS Request
180.178.17.96.in-addr.arpa
DNS Request
180.178.17.96.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
144 B 158 B 2 1
DNS Request
241.154.82.20.in-addr.arpa
DNS Request
241.154.82.20.in-addr.arpa
-
146 B 147 B 2 1
DNS Request
103.169.127.40.in-addr.arpa
DNS Request
103.169.127.40.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
41.110.16.96.in-addr.arpa
-
142 B 157 B 2 1
DNS Request
59.128.231.4.in-addr.arpa
DNS Request
59.128.231.4.in-addr.arpa
-
216 B 158 B 3 1
DNS Request
56.126.166.20.in-addr.arpa
DNS Request
56.126.166.20.in-addr.arpa
DNS Request
56.126.166.20.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
104.241.123.92.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
119.110.54.20.in-addr.arpa
-
144 B 137 B 2 1
DNS Request
174.178.17.96.in-addr.arpa
DNS Request
174.178.17.96.in-addr.arpa
-
144 B 137 B 2 1
DNS Request
64.134.221.88.in-addr.arpa
DNS Request
64.134.221.88.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
32.134.221.88.in-addr.arpa
-
146 B 294 B 2 2
DNS Request
178.223.142.52.in-addr.arpa
DNS Request
178.223.142.52.in-addr.arpa
-
144 B 137 B 2 1
DNS Request
176.178.17.96.in-addr.arpa
DNS Request
176.178.17.96.in-addr.arpa
-
124 B 173 B 2 1
DNS Request
tse1.mm.bing.net
DNS Request
tse1.mm.bing.net
DNS Response
204.79.197.20013.107.21.200
-
144 B 158 B 2 1
DNS Request
88.156.103.20.in-addr.arpa
DNS Request
88.156.103.20.in-addr.arpa
-
144 B 274 B 2 2
DNS Request
90.135.221.88.in-addr.arpa
DNS Request
90.135.221.88.in-addr.arpa
-