Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

teams.exe

windows7-x64

1

teams.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/03/2024, 13:24 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    teams.exe

  • Size

    32KB

  • MD5

    79be6407efcd8384488e10b3e4d57d28

  • SHA1

    7b85b15156bde0ad3b06ebc572c0eaef6b8c4dcb

  • SHA256

    fe6ba47c1f2b49d9c9f79100a6e901ee0b2928d85568975ca143962a2245a652

  • SHA512

    7074e000cc4100efc42962d4b604fac9acea320d5c6e7621077e9a6d1a55113ad08b09158e7f18d4b4abf2adb3aec4f7153c2cf2144d1954daf18bea53c9808e

  • SSDEEP

    768:fUeVcDsyL/Hs93u7fzR0xZ70ZBrc14aH/t5:GssPd77R076I5t

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\teams.exe
    "C:\Users\Admin\AppData\Local\Temp\teams.exe"
    1⤵
      PID:1592

    Network

    • flag-us
      DNS
      203.13.29.193.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      203.13.29.193.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      232.168.11.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      232.168.11.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      71.31.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      71.31.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      200.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      200.178.17.96.in-addr.arpa
      IN PTR
      Response
      200.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-200deploystaticakamaitechnologiescom
    • flag-us
      DNS
      241.154.82.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      241.154.82.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      41.110.16.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      41.110.16.96.in-addr.arpa
      IN PTR
      Response
      41.110.16.96.in-addr.arpa
      IN PTR
      a96-16-110-41deploystaticakamaitechnologiescom
    • flag-us
      DNS
      26.165.165.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.165.165.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      26.165.165.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.165.165.52.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      18.31.95.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.31.95.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      196.249.167.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      196.249.167.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      104.241.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      104.241.123.92.in-addr.arpa
      IN PTR
      Response
      104.241.123.92.in-addr.arpa
      IN PTR
      a92-123-241-104deploystaticakamaitechnologiescom
    • flag-us
      DNS
      104.241.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      104.241.123.92.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      119.110.54.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      119.110.54.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      0.204.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.204.248.87.in-addr.arpa
      IN PTR
      Response
      0.204.248.87.in-addr.arpa
      IN PTR
      https-87-248-204-0lhrllnwnet
    • flag-us
      DNS
      28.160.77.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      28.160.77.104.in-addr.arpa
      IN PTR
      Response
      28.160.77.104.in-addr.arpa
      IN PTR
      a104-77-160-28deploystaticakamaitechnologiescom
    • flag-us
      DNS
      75.179.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      75.179.17.96.in-addr.arpa
      IN PTR
      Response
      75.179.17.96.in-addr.arpa
      IN PTR
      a96-17-179-75deploystaticakamaitechnologiescom
    • flag-us
      DNS
      odnoklasniki.info
      teams.exe
      Remote address:
      8.8.8.8:53
      Request
      odnoklasniki.info
      IN A
      Response
      odnoklasniki.info
      IN A
      193.29.13.203
    • flag-us
      DNS
      23.160.77.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.160.77.104.in-addr.arpa
      IN PTR
      Response
      23.160.77.104.in-addr.arpa
      IN PTR
      a104-77-160-23deploystaticakamaitechnologiescom
    • flag-us
      DNS
      176.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      176.178.17.96.in-addr.arpa
      IN PTR
      Response
      176.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-176deploystaticakamaitechnologiescom
    • flag-us
      DNS
      45.56.20.217.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      45.56.20.217.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      19.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      19.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      dual-a-0001.a-msedge.net
      dual-a-0001.a-msedge.net
      IN A
      204.79.197.200
      dual-a-0001.a-msedge.net
      IN A
      13.107.21.200
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239317301592_19S8DNJJK87B8889G&pid=21.2&w=1080&h=1920&c=4
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239317301592_19S8DNJJK87B8889G&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 516016
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 75849C68C2AD45C1949BA513E438A7C4 Ref B: LON04EDGE0807 Ref C: 2024-03-18T13:26:09Z
      date: Mon, 18 Mar 2024 13:26:08 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239317301183_1Q7FZ9HQ4P9RCH5CO&pid=21.2&w=1920&h=1080&c=4
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239317301183_1Q7FZ9HQ4P9RCH5CO&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 600567
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: F35600D00A284636B0D39766DB7E21DB Ref B: LON04EDGE0807 Ref C: 2024-03-18T13:26:09Z
      date: Mon, 18 Mar 2024 13:26:08 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&w=1920&h=1080&c=4
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 460493
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 6C06B55DF90841FCB8D2CE4695E79056 Ref B: LON04EDGE0807 Ref C: 2024-03-18T13:26:09Z
      date: Mon, 18 Mar 2024 13:26:08 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239339388171_1IPS9F3VG23PT8N6M&pid=21.2&w=1080&h=1920&c=4
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239339388171_1IPS9F3VG23PT8N6M&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 524205
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 1CF19C2D3E904A3FB5BCCE8A127B129B Ref B: LON04EDGE0807 Ref C: 2024-03-18T13:26:10Z
      date: Mon, 18 Mar 2024 13:26:09 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239339388170_1IEK0BZGEDADTOA05&pid=21.2&w=1920&h=1080&c=4
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239339388170_1IEK0BZGEDADTOA05&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 389457
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 22D688788C6F4F0DAA2B42ADF99553F5 Ref B: LON04EDGE0807 Ref C: 2024-03-18T13:26:11Z
      date: Mon, 18 Mar 2024 13:26:10 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&w=1080&h=1920&c=4
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 531870
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 2278FA5975294CD7B08215BE23F87E28 Ref B: LON04EDGE0807 Ref C: 2024-03-18T13:26:11Z
      date: Mon, 18 Mar 2024 13:26:10 GMT
    • flag-us
      DNS
      200.197.79.204.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      200.197.79.204.in-addr.arpa
      IN PTR
      Response
      200.197.79.204.in-addr.arpa
      IN PTR
      a-0001a-msedgenet
    • flag-us
      DNS
      200.197.79.204.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      200.197.79.204.in-addr.arpa
      IN PTR
      Response
      200.197.79.204.in-addr.arpa
      IN PTR
      a-0001a-msedgenet
    • flag-us
      DNS
      173.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      173.178.17.96.in-addr.arpa
      IN PTR
      Response
      173.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-173deploystaticakamaitechnologiescom
    • flag-us
      DNS
      173.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      173.178.17.96.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      22.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      22.178.17.96.in-addr.arpa
      IN PTR
      Response
      22.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-22deploystaticakamaitechnologiescom
    • flag-us
      DNS
      22.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      22.178.17.96.in-addr.arpa
      IN PTR
      Response
      22.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-22deploystaticakamaitechnologiescom
    • 193.29.13.203:8444
      teams.exe
      215.4kB
       10.3MB
       4443
      7387
    • 193.29.13.203:9001
      odnoklasniki.info
      tls
      teams.exe
      2.3kB
       1.5kB
       16
      13
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls, http2
      1.6kB
       8.1kB
       18
      14
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls, http2
      1.5kB
       9.9kB
       20
      15
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls, http2
      1.6kB
       8.1kB
       18
      14
    • 204.79.197.200:443
      https://tse1.mm.bing.net/th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&w=1080&h=1920&c=4
      tls, http2
      112.6kB
       3.2MB
       2302
      2291

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301592_19S8DNJJK87B8889G&pid=21.2&w=1080&h=1920&c=4

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301183_1Q7FZ9HQ4P9RCH5CO&pid=21.2&w=1920&h=1080&c=4

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&w=1920&h=1080&c=4

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239339388171_1IPS9F3VG23PT8N6M&pid=21.2&w=1080&h=1920&c=4

      HTTP Response

      200

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239339388170_1IEK0BZGEDADTOA05&pid=21.2&w=1920&h=1080&c=4

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&w=1080&h=1920&c=4

      HTTP Response

      200

      HTTP Response

      200
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls, http2
      1.5kB
       8.5kB
       19
      14
    • 8.8.8.8:53
      203.13.29.193.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      203.13.29.193.in-addr.arpa

    • 8.8.8.8:53
      232.168.11.51.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      232.168.11.51.in-addr.arpa

    • 8.8.8.8:53
      71.31.126.40.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      71.31.126.40.in-addr.arpa

    • 8.8.8.8:53
      200.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      200.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      241.154.82.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      241.154.82.20.in-addr.arpa

    • 8.8.8.8:53
      41.110.16.96.in-addr.arpa
      dns
      71 B
       135 B
       1
      1

      DNS Request

      41.110.16.96.in-addr.arpa

    • 8.8.8.8:53
      26.165.165.52.in-addr.arpa
      dns
      144 B
       146 B
       2
      1

      DNS Request

      26.165.165.52.in-addr.arpa

      DNS Request

      26.165.165.52.in-addr.arpa

    • 8.8.8.8:53
      18.31.95.13.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      18.31.95.13.in-addr.arpa

    • 8.8.8.8:53
      196.249.167.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      196.249.167.52.in-addr.arpa

    • 8.8.8.8:53
      104.241.123.92.in-addr.arpa
      dns
      146 B
       139 B
       2
      1

      DNS Request

      104.241.123.92.in-addr.arpa

      DNS Request

      104.241.123.92.in-addr.arpa

    • 8.8.8.8:53
      119.110.54.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      119.110.54.20.in-addr.arpa

    • 8.8.8.8:53
      0.204.248.87.in-addr.arpa
      dns
      71 B
       116 B
       1
      1

      DNS Request

      0.204.248.87.in-addr.arpa

    • 8.8.8.8:53
      28.160.77.104.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      28.160.77.104.in-addr.arpa

    • 8.8.8.8:53
      75.179.17.96.in-addr.arpa
      dns
      71 B
       135 B
       1
      1

      DNS Request

      75.179.17.96.in-addr.arpa

    • 8.8.8.8:53
      odnoklasniki.info
      dns
      teams.exe
      63 B
       79 B
       1
      1

      DNS Request

      odnoklasniki.info

      DNS Response

      193.29.13.203

    • 8.8.8.8:53
      23.160.77.104.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      23.160.77.104.in-addr.arpa

    • 8.8.8.8:53
      176.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      176.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      45.56.20.217.in-addr.arpa
      dns
      71 B
       131 B
       1
      1

      DNS Request

      45.56.20.217.in-addr.arpa

    • 8.8.8.8:53
      19.229.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      19.229.111.52.in-addr.arpa

    • 8.8.8.8:53
      tse1.mm.bing.net
      dns
      62 B
       173 B
       1
      1

      DNS Request

      tse1.mm.bing.net

      DNS Response

      204.79.197.200
      13.107.21.200

    • 8.8.8.8:53
      200.197.79.204.in-addr.arpa
      dns
      146 B
       212 B
       2
      2

      DNS Request

      200.197.79.204.in-addr.arpa

      DNS Request

      200.197.79.204.in-addr.arpa

    • 8.8.8.8:53
      173.178.17.96.in-addr.arpa
      dns
      144 B
       137 B
       2
      1

      DNS Request

      173.178.17.96.in-addr.arpa

      DNS Request

      173.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      22.178.17.96.in-addr.arpa
      dns
      142 B
       270 B
       2
      2

      DNS Request

      22.178.17.96.in-addr.arpa

      DNS Request

      22.178.17.96.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1592-2-0x0000004250CB0000-0x0000004250DB0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1592-3-0x0000004250CB0000-0x0000004250DB0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1592-4-0x0000023627810000-0x000002362819B000-memory.dmp

      Filesize

      9.5MB

      Download

    • memory/1592-5-0x000002362A3F0000-0x000002362ADE3000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1592-6-0x000002362A3F0000-0x000002362ADE3000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1592-7-0x000002362A3F0000-0x000002362ADE3000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1592-8-0x000002362A3F0000-0x000002362ADE3000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1592-9-0x000002362A3F0000-0x000002362ADE3000-memory.dmp

      Filesize

      9.9MB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.