Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    27/04/2024, 18:54 UTC

General

  • Target

    I386/SYSTEM32/DRIVERS/TDI.sys

  • Size

    18KB

  • MD5

    6891b74ab9a016064e82a419388d0601

  • SHA1

    3283f39bc29628605bc7921948b36043a225ca0d

  • SHA256

    eb4c813d551d73ada539946ab1bdf2d1dabf8ee27bd8e94a0daca75cc117e6c1

  • SHA512

    0e6fc7a0213640a07e1169e2d91ce2ba1862945508c2ebac2004a23e39a31c4b5b5ace379abd967892833ef6d19f3c2ccb9e2165ca8c4dfc40188b4fdfa42845

  • SSDEEP

    384:Epyk6DTuAtcekL2oQz4NQXza5AMqCVEaTW+8YIwW:EpyRTugcjCoO4NQXGCMrVeY

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\I386\SYSTEM32\DRIVERS\TDI.sys
    1⤵
      PID:4796
      • C:\Users\Admin\AppData\Local\Temp\I386\SYSTEM32\DRIVERS\TDI.sys
        C:\Users\Admin\AppData\Local\Temp\I386\SYSTEM32\DRIVERS\TDI.sys
        2⤵
          PID:2076

      Network

      • flag-us
        DNS
        g.bing.com
        Remote address:
        8.8.8.8:53
        Request
        g.bing.com
        IN A
        Response
        g.bing.com
        IN CNAME
        g-bing-com.dual-a-0034.a-msedge.net
        g-bing-com.dual-a-0034.a-msedge.net
        IN CNAME
        dual-a-0034.a-msedge.net
        dual-a-0034.a-msedge.net
        IN A
        204.79.197.237
        dual-a-0034.a-msedge.net
        IN A
        13.107.21.237
      • flag-us
        GET
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TMgecry_0hjpDPCi_fed0DVUCUwMV1A-qhAOyRNjopJNk6uos2WKDo0Clqxv6YfkS8ESW-Xai3k4oYjCIhoceclAYoCHQbrFA5euelxTbeA2Ic5X2Uu6dRONbCIPyS60APCTioqXXEf4ZAyJ7peFV9euhPdf061TfGTmm8yn50bAGAF9%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D19b1b5cb59ee1358b359d3e0ff2d17d4&TIME=20240426T130642Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266&muid=ADDDFB3EF7AA0DA8A4964D397794E5DF
        Remote address:
        204.79.197.237:443
        Request
        GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TMgecry_0hjpDPCi_fed0DVUCUwMV1A-qhAOyRNjopJNk6uos2WKDo0Clqxv6YfkS8ESW-Xai3k4oYjCIhoceclAYoCHQbrFA5euelxTbeA2Ic5X2Uu6dRONbCIPyS60APCTioqXXEf4ZAyJ7peFV9euhPdf061TfGTmm8yn50bAGAF9%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D19b1b5cb59ee1358b359d3e0ff2d17d4&TIME=20240426T130642Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266&muid=ADDDFB3EF7AA0DA8A4964D397794E5DF HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MUID=1C74E6E13AE66BAD2ED5F28F3B066A6B; domain=.bing.com; expires=Thu, 22-May-2025 18:55:58 GMT; path=/; SameSite=None; Secure; Priority=High;
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 9D19325186054A67BAB1D1668994ED01 Ref B: LON04EDGE1212 Ref C: 2024-04-27T18:55:58Z
        date: Sat, 27 Apr 2024 18:55:58 GMT
      • flag-us
        GET
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TMgecry_0hjpDPCi_fed0DVUCUwMV1A-qhAOyRNjopJNk6uos2WKDo0Clqxv6YfkS8ESW-Xai3k4oYjCIhoceclAYoCHQbrFA5euelxTbeA2Ic5X2Uu6dRONbCIPyS60APCTioqXXEf4ZAyJ7peFV9euhPdf061TfGTmm8yn50bAGAF9%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D19b1b5cb59ee1358b359d3e0ff2d17d4&TIME=20240426T130642Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266&muid=ADDDFB3EF7AA0DA8A4964D397794E5DF
        Remote address:
        204.79.197.237:443
        Request
        GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TMgecry_0hjpDPCi_fed0DVUCUwMV1A-qhAOyRNjopJNk6uos2WKDo0Clqxv6YfkS8ESW-Xai3k4oYjCIhoceclAYoCHQbrFA5euelxTbeA2Ic5X2Uu6dRONbCIPyS60APCTioqXXEf4ZAyJ7peFV9euhPdf061TfGTmm8yn50bAGAF9%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D19b1b5cb59ee1358b359d3e0ff2d17d4&TIME=20240426T130642Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266&muid=ADDDFB3EF7AA0DA8A4964D397794E5DF HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=1C74E6E13AE66BAD2ED5F28F3B066A6B; _EDGE_S=SID=106C6E5CD711610D1ADF7A32D6BB608A
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MSPTC=Y4YhVaIpuaKAYl_WiJjDrBG9gK3GdvAvjpJz-3BoFYU; domain=.bing.com; expires=Thu, 22-May-2025 18:55:59 GMT; path=/; Partitioned; secure; SameSite=None
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 536CB6BA951A41399F106C184AD3E1C1 Ref B: LON04EDGE1212 Ref C: 2024-04-27T18:55:59Z
        date: Sat, 27 Apr 2024 18:55:58 GMT
      • flag-us
        DNS
        8.8.8.8.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        8.8.8.8.in-addr.arpa
        IN PTR
        Response
        8.8.8.8.in-addr.arpa
        IN PTR
        dns.google
      • flag-us
        DNS
        237.197.79.204.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        237.197.79.204.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        99.58.20.217.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        99.58.20.217.in-addr.arpa
        IN PTR
        Response
      • flag-nl
        GET
        https://www.bing.com/aes/c.gif?RG=b2f67e4e6dd147acbead8f1cbe0f6193&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T130642Z&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266
        Remote address:
        23.62.61.97:443
        Request
        GET /aes/c.gif?RG=b2f67e4e6dd147acbead8f1cbe0f6193&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T130642Z&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266 HTTP/2.0
        host: www.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=1C74E6E13AE66BAD2ED5F28F3B066A6B
        Response
        HTTP/2.0 200
        cache-control: private,no-store
        pragma: no-cache
        vary: Origin
        p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 9F3840A240F34577A26D909AAED1CA97 Ref B: DUS30EDGE0708 Ref C: 2024-04-27T18:55:59Z
        content-length: 0
        date: Sat, 27 Apr 2024 18:55:59 GMT
        set-cookie: _EDGE_S=SID=106C6E5CD711610D1ADF7A32D6BB608A; path=/; httponly; domain=bing.com
        set-cookie: MUIDB=1C74E6E13AE66BAD2ED5F28F3B066A6B; path=/; httponly; expires=Thu, 22-May-2025 18:55:59 GMT
        alt-svc: h3=":443"; ma=93600
        x-cdn-traceid: 0.5d3d3e17.1714244159.152f0deb
      • flag-us
        DNS
        134.32.126.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        134.32.126.40.in-addr.arpa
        IN PTR
        Response
      • flag-nl
        GET
        https://www.bing.com/th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
        Remote address:
        23.62.61.97:443
        Request
        GET /th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
        host: www.bing.com
        accept: */*
        cookie: MUID=1C74E6E13AE66BAD2ED5F28F3B066A6B; _EDGE_S=SID=106C6E5CD711610D1ADF7A32D6BB608A; MSPTC=Y4YhVaIpuaKAYl_WiJjDrBG9gK3GdvAvjpJz-3BoFYU; MUIDB=1C74E6E13AE66BAD2ED5F28F3B066A6B
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-type: image/png
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        content-length: 1463
        date: Sat, 27 Apr 2024 18:55:59 GMT
        alt-svc: h3=":443"; ma=93600
        x-cdn-traceid: 0.5d3d3e17.1714244159.152f10bc
      • flag-us
        DNS
        97.61.62.23.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        97.61.62.23.in-addr.arpa
        IN PTR
        Response
        97.61.62.23.in-addr.arpa
        IN PTR
        a23-62-61-97.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        86.23.85.13.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        86.23.85.13.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        198.187.3.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        198.187.3.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        32.251.17.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        32.251.17.2.in-addr.arpa
        IN PTR
        Response
        32.251.17.2.in-addr.arpa
        IN PTR
        a2-17-251-32.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        134.190.18.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        134.190.18.2.in-addr.arpa
        IN PTR
        Response
        134.190.18.2.in-addr.arpa
        IN PTR
        a2-18-190-134.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        133.190.18.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        133.190.18.2.in-addr.arpa
        IN PTR
        Response
        133.190.18.2.in-addr.arpa
        IN PTR
        a2-18-190-133.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        6.173.189.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        6.173.189.20.in-addr.arpa
        IN PTR
        Response
      • 204.79.197.237:443
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TMgecry_0hjpDPCi_fed0DVUCUwMV1A-qhAOyRNjopJNk6uos2WKDo0Clqxv6YfkS8ESW-Xai3k4oYjCIhoceclAYoCHQbrFA5euelxTbeA2Ic5X2Uu6dRONbCIPyS60APCTioqXXEf4ZAyJ7peFV9euhPdf061TfGTmm8yn50bAGAF9%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D19b1b5cb59ee1358b359d3e0ff2d17d4&TIME=20240426T130642Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266&muid=ADDDFB3EF7AA0DA8A4964D397794E5DF
        tls, http2
        2.5kB
        9.0kB
        19
        17

        HTTP Request

        GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TMgecry_0hjpDPCi_fed0DVUCUwMV1A-qhAOyRNjopJNk6uos2WKDo0Clqxv6YfkS8ESW-Xai3k4oYjCIhoceclAYoCHQbrFA5euelxTbeA2Ic5X2Uu6dRONbCIPyS60APCTioqXXEf4ZAyJ7peFV9euhPdf061TfGTmm8yn50bAGAF9%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D19b1b5cb59ee1358b359d3e0ff2d17d4&TIME=20240426T130642Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266&muid=ADDDFB3EF7AA0DA8A4964D397794E5DF

        HTTP Response

        204

        HTTP Request

        GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TMgecry_0hjpDPCi_fed0DVUCUwMV1A-qhAOyRNjopJNk6uos2WKDo0Clqxv6YfkS8ESW-Xai3k4oYjCIhoceclAYoCHQbrFA5euelxTbeA2Ic5X2Uu6dRONbCIPyS60APCTioqXXEf4ZAyJ7peFV9euhPdf061TfGTmm8yn50bAGAF9%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D19b1b5cb59ee1358b359d3e0ff2d17d4&TIME=20240426T130642Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266&muid=ADDDFB3EF7AA0DA8A4964D397794E5DF

        HTTP Response

        204
      • 23.62.61.97:443
        https://www.bing.com/aes/c.gif?RG=b2f67e4e6dd147acbead8f1cbe0f6193&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T130642Z&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266
        tls, http2
        1.5kB
        5.4kB
        17
        12

        HTTP Request

        GET https://www.bing.com/aes/c.gif?RG=b2f67e4e6dd147acbead8f1cbe0f6193&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T130642Z&adUnitId=11730597&localId=w:ADDDFB3E-F7AA-0DA8-A496-4D397794E5DF&deviceId=6896200621815266

        HTTP Response

        200
      • 23.62.61.97:443
        https://www.bing.com/th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
        tls, http2
        1.7kB
        6.8kB
        18
        14

        HTTP Request

        GET https://www.bing.com/th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

        HTTP Response

        200
      • 8.8.8.8:53
        g.bing.com
        dns
        56 B
        151 B
        1
        1

        DNS Request

        g.bing.com

        DNS Response

        204.79.197.237
        13.107.21.237

      • 8.8.8.8:53
        8.8.8.8.in-addr.arpa
        dns
        66 B
        90 B
        1
        1

        DNS Request

        8.8.8.8.in-addr.arpa

      • 8.8.8.8:53
        237.197.79.204.in-addr.arpa
        dns
        73 B
        143 B
        1
        1

        DNS Request

        237.197.79.204.in-addr.arpa

      • 8.8.8.8:53
        99.58.20.217.in-addr.arpa
        dns
        71 B
        131 B
        1
        1

        DNS Request

        99.58.20.217.in-addr.arpa

      • 8.8.8.8:53
        134.32.126.40.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        134.32.126.40.in-addr.arpa

      • 8.8.8.8:53
        97.61.62.23.in-addr.arpa
        dns
        70 B
        133 B
        1
        1

        DNS Request

        97.61.62.23.in-addr.arpa

      • 8.8.8.8:53
        86.23.85.13.in-addr.arpa
        dns
        70 B
        144 B
        1
        1

        DNS Request

        86.23.85.13.in-addr.arpa

      • 8.8.8.8:53
        198.187.3.20.in-addr.arpa
        dns
        71 B
        157 B
        1
        1

        DNS Request

        198.187.3.20.in-addr.arpa

      • 8.8.8.8:53
        32.251.17.2.in-addr.arpa
        dns
        70 B
        133 B
        1
        1

        DNS Request

        32.251.17.2.in-addr.arpa

      • 8.8.8.8:53
        134.190.18.2.in-addr.arpa
        dns
        71 B
        135 B
        1
        1

        DNS Request

        134.190.18.2.in-addr.arpa

      • 8.8.8.8:53
        133.190.18.2.in-addr.arpa
        dns
        71 B
        135 B
        1
        1

        DNS Request

        133.190.18.2.in-addr.arpa

      • 8.8.8.8:53
        6.173.189.20.in-addr.arpa
        dns
        71 B
        157 B
        1
        1

        DNS Request

        6.173.189.20.in-addr.arpa

      MITRE ATT&CK Matrix

      Downloads

      • memory/2076-0-0x0000000000010000-0x0000000000014880-memory.dmp

        Filesize

        18KB
