Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    12-04-2024 00:57

General

  • Target

    eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe

  • Size

    468KB

  • MD5

    eec17d7948e06d67503dea34259145f2

  • SHA1

    ce3ff6d3b66de29f2568daca2e43d01b70cc1f00

  • SHA256

    d339a24a1fd6245cefc38b24ce8ff753a1dc20bc6d213bf38bb8703a7c527042

  • SHA512

    92c6106e63dce226120760c74dbdac308ff9a3ff2bd4273f4ee3e805b85b3980fb4992565680b86e6258bd056c7d3e3464a2fea5d4ef86d72ef3fb7c89b6cc5e

  • SSDEEP

    12288:47cdIY0t2Imo15ZNJqemMV+TFnYmARlA:47GIY0t5mo1FJs/JnY

Score
10/10

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe"
    1⤵
      PID:4196

    Network

    • flag-us
      DNS
      217.106.137.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      217.106.137.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      249.197.17.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      249.197.17.2.in-addr.arpa
      IN PTR
      Response
      249.197.17.2.in-addr.arpa
      IN PTR
      a2-17-197-249.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      telete.in
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      telete.in
      IN A
      Response
      telete.in
      IN A
      185.53.177.54
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:57:52 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:57:57 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:02 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:07 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:12 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:18 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:23 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:28 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:33 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:38 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:43 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-us
      DNS
      54.177.53.185.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      54.177.53.185.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      104.219.191.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      104.219.191.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      50.23.12.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.23.12.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      56.126.166.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      56.126.166.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      121.118.77.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      121.118.77.104.in-addr.arpa
      IN PTR
      Response
      121.118.77.104.in-addr.arpa
      IN PTR
      a104-77-118-121.deploy.static.akamaitechnologies.com
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:48 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:53 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:58:58 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:03 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:08 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:13 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:19 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:24 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:29 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:34 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:39 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:44 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:49 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:54 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 00:59:59 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 01:00:04 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 01:00:09 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 01:00:14 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-de
      GET
      https://telete.in/jdiamond13
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      Remote address:
      185.53.177.54:443
      Request
      GET /jdiamond13 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Content-Type: text/plain; charset=UTF-8
      Host: telete.in
      Response
      HTTP/1.1 410 Gone
      Date: Fri, 12 Apr 2024 01:00:19 GMT
      Content-Length: 10
      Content-Type: text/plain; charset=utf-8
    • flag-us
      DNS
      172.210.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.210.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      43.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.229.111.52.in-addr.arpa
      IN PTR
      Response
    • 185.53.177.54:443
      https://telete.in/jdiamond13
      tls, http
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      3.9kB
      6.6kB
      31
      22

      HTTP Request

      GET https://telete.in/jdiamond13

      HTTP Response

      410

    • 185.53.177.54:443
      https://telete.in/jdiamond13
      tls, http
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      6.0kB
      8.2kB
      44
      27

      HTTP Request

      GET https://telete.in/jdiamond13

      HTTP Response

      410

    • 8.8.8.8:53
      217.106.137.52.in-addr.arpa
      dns
      73 B
      147 B
      1
      1

      DNS Request

      217.106.137.52.in-addr.arpa

    • 8.8.8.8:53
      249.197.17.2.in-addr.arpa
      dns
      71 B
      135 B
      1
      1

      DNS Request

      249.197.17.2.in-addr.arpa

    • 8.8.8.8:53
      telete.in
      dns
      eec17d7948e06d67503dea34259145f2_JaffaCakes118.exe
      55 B
      71 B
      1
      1

      DNS Request

      telete.in

      DNS Response

      185.53.177.54

    • 8.8.8.8:53
      54.177.53.185.in-addr.arpa
      dns
      72 B
      150 B
      1
      1

      DNS Request

      54.177.53.185.in-addr.arpa

    • 8.8.8.8:53
      104.219.191.52.in-addr.arpa
      dns
      73 B
      147 B
      1
      1

      DNS Request

      104.219.191.52.in-addr.arpa

    • 8.8.8.8:53
      50.23.12.20.in-addr.arpa
      dns
      70 B
      156 B
      1
      1

      DNS Request

      50.23.12.20.in-addr.arpa

    • 8.8.8.8:53
      56.126.166.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      56.126.166.20.in-addr.arpa

    • 8.8.8.8:53
      121.118.77.104.in-addr.arpa
      dns
      73 B
      139 B
      1
      1

      DNS Request

      121.118.77.104.in-addr.arpa

    • 8.8.8.8:53
      172.210.232.199.in-addr.arpa
      dns
      74 B
      128 B
      1
      1

      DNS Request

      172.210.232.199.in-addr.arpa

    • 8.8.8.8:53
      43.229.111.52.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      43.229.111.52.in-addr.arpa

    • 8.8.8.8:53

    MITRE ATT&CK Matrix

    Downloads

    • memory/4196-1-0x0000000002FE0000-0x00000000030E0000-memory.dmp

      Filesize

      1024KB

    • memory/4196-2-0x0000000004A80000-0x0000000004B13000-memory.dmp

      Filesize

      588KB

    • memory/4196-3-0x0000000000400000-0x0000000002CAC000-memory.dmp

      Filesize

      40.7MB

    • memory/4196-6-0x0000000004A80000-0x0000000004B13000-memory.dmp

      Filesize

      588KB

    • memory/4196-7-0x0000000002FE0000-0x00000000030E0000-memory.dmp

      Filesize

      1024KB
