Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0d9d5b89be...18.exe

windows7-x64

7

0d9d5b89be...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

cjzg.exe

windows7-x64

1

cjzg.exe

windows10-2004-x64

1

config.dll

windows7-x64

5

config.dll

windows10-2004-x64

5

iconAnimate.exe

windows7-x64

1

iconAnimate.exe

windows10-2004-x64

1

iconTips.exe

windows7-x64

1

iconTips.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    94s
  • max time network
    101s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/05/2024, 05:22 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/KillProcDLL.dll

  • Size

    4KB

  • MD5

    99f345cf51b6c3c317d20a81acb11012

  • SHA1

    b3d0355f527c536ea14a8ff51741c8739d66f727

  • SHA256

    c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93

  • SHA512

    937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\KillProcDLL.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4924
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\KillProcDLL.dll,#1
      2⤵
        PID:2492
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 2492 -s 600
          3⤵
          • Program crash
          PID:4868
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 2492 -ip 2492
      1⤵
        PID:924

      Network

      • flag-us
        DNS
        g.bing.com
        Remote address:
        8.8.8.8:53
        Request
        g.bing.com
        IN A
        Response
        g.bing.com
        IN CNAME
        g-bing-com.dual-a-0034.a-msedge.net
        g-bing-com.dual-a-0034.a-msedge.net
        IN CNAME
        dual-a-0034.a-msedge.net
        dual-a-0034.a-msedge.net
        IN A
        204.79.197.237
        dual-a-0034.a-msedge.net
        IN A
        13.107.21.237
      • flag-us
        GET
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8fxb-CZYm_AEjwOb6szeb_zVUCUyO2Iw7FBJyWU1R8pnXK1yvcFhffEllyvAEEuXW7rpa-7sxXBzRBUHIn_poem2iIs4jqLYogsOzorovUvDiCh-5p-q094iXq5UcI2SjrDCPeuFe1pfpxuzQrsaUPNHFpXDN3hWWoaaBvr_nl_oeOxkR%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D59d35bb60fdb1914f0093d9da82d3931&TIME=20240426T131149Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E
        Remote address:
        204.79.197.237:443
        Request
        GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8fxb-CZYm_AEjwOb6szeb_zVUCUyO2Iw7FBJyWU1R8pnXK1yvcFhffEllyvAEEuXW7rpa-7sxXBzRBUHIn_poem2iIs4jqLYogsOzorovUvDiCh-5p-q094iXq5UcI2SjrDCPeuFe1pfpxuzQrsaUPNHFpXDN3hWWoaaBvr_nl_oeOxkR%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D59d35bb60fdb1914f0093d9da82d3931&TIME=20240426T131149Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MUID=080CD1026E5A630F0533C5716FE162BE; domain=.bing.com; expires=Tue, 27-May-2025 05:22:26 GMT; path=/; SameSite=None; Secure; Priority=High;
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 7CB050DF5EBD48DE876D17EF83D136EC Ref B: LON04EDGE0820 Ref C: 2024-05-02T05:22:26Z
        date: Thu, 02 May 2024 05:22:26 GMT
      • flag-us
        GET
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8fxb-CZYm_AEjwOb6szeb_zVUCUyO2Iw7FBJyWU1R8pnXK1yvcFhffEllyvAEEuXW7rpa-7sxXBzRBUHIn_poem2iIs4jqLYogsOzorovUvDiCh-5p-q094iXq5UcI2SjrDCPeuFe1pfpxuzQrsaUPNHFpXDN3hWWoaaBvr_nl_oeOxkR%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D59d35bb60fdb1914f0093d9da82d3931&TIME=20240426T131149Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E
        Remote address:
        204.79.197.237:443
        Request
        GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8fxb-CZYm_AEjwOb6szeb_zVUCUyO2Iw7FBJyWU1R8pnXK1yvcFhffEllyvAEEuXW7rpa-7sxXBzRBUHIn_poem2iIs4jqLYogsOzorovUvDiCh-5p-q094iXq5UcI2SjrDCPeuFe1pfpxuzQrsaUPNHFpXDN3hWWoaaBvr_nl_oeOxkR%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D59d35bb60fdb1914f0093d9da82d3931&TIME=20240426T131149Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=080CD1026E5A630F0533C5716FE162BE; _EDGE_S=SID=0D569325727460F3251687567323616F
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MSPTC=Q526N7uCG7LLZrt0__Dmoy7RbUUDT7irkSSlppp8Iu8; domain=.bing.com; expires=Tue, 27-May-2025 05:22:27 GMT; path=/; Partitioned; secure; SameSite=None
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 4A0B96E5734147499E25736A6184A1E2 Ref B: LON04EDGE0820 Ref C: 2024-05-02T05:22:27Z
        date: Thu, 02 May 2024 05:22:26 GMT
      • flag-nl
        GET
        https://www.bing.com/aes/c.gif?RG=4fd29284991840ffac98167860493b54&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T131149Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893
        Remote address:
        23.62.61.194:443
        Request
        GET /aes/c.gif?RG=4fd29284991840ffac98167860493b54&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T131149Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893 HTTP/2.0
        host: www.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=080CD1026E5A630F0533C5716FE162BE
        Response
        HTTP/2.0 200
        cache-control: private,no-store
        pragma: no-cache
        vary: Origin
        p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: C588A4A08767415BB8BD68E86C2F8E26 Ref B: AMS04EDGE1218 Ref C: 2024-05-02T05:22:27Z
        content-length: 0
        date: Thu, 02 May 2024 05:22:27 GMT
        set-cookie: _EDGE_S=SID=0D569325727460F3251687567323616F; path=/; httponly; domain=bing.com
        set-cookie: MUIDB=080CD1026E5A630F0533C5716FE162BE; path=/; httponly; expires=Tue, 27-May-2025 05:22:27 GMT
        alt-svc: h3=":443"; ma=93600
        x-cdn-traceid: 0.be3d3e17.1714627347.dfad7d6
      • flag-us
        DNS
        237.197.79.204.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        237.197.79.204.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        79.190.18.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        79.190.18.2.in-addr.arpa
        IN PTR
        Response
        79.190.18.2.in-addr.arpa
        IN PTR
        a2-18-190-79deploystaticakamaitechnologiescom
      • flag-us
        DNS
        95.221.229.192.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.221.229.192.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        194.61.62.23.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        194.61.62.23.in-addr.arpa
        IN PTR
        Response
        194.61.62.23.in-addr.arpa
        IN PTR
        a23-62-61-194deploystaticakamaitechnologiescom
      • flag-nl
        GET
        https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
        Remote address:
        23.62.61.194:443
        Request
        GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
        host: www.bing.com
        accept: */*
        cookie: MUID=080CD1026E5A630F0533C5716FE162BE; _EDGE_S=SID=0D569325727460F3251687567323616F; MSPTC=Q526N7uCG7LLZrt0__Dmoy7RbUUDT7irkSSlppp8Iu8; MUIDB=080CD1026E5A630F0533C5716FE162BE
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-type: image/png
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        content-length: 1107
        date: Thu, 02 May 2024 05:22:28 GMT
        alt-svc: h3=":443"; ma=93600
        x-cdn-traceid: 0.be3d3e17.1714627348.dfadbce
      • flag-us
        DNS
        76.32.126.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        76.32.126.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        43.58.199.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        43.58.199.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        103.169.127.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        103.169.127.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        15.164.165.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        15.164.165.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        142.53.16.96.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        142.53.16.96.in-addr.arpa
        IN PTR
        Response
        142.53.16.96.in-addr.arpa
        IN PTR
        a96-16-53-142deploystaticakamaitechnologiescom
      • flag-us
        DNS
        240.221.184.93.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        240.221.184.93.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        14.227.111.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        14.227.111.52.in-addr.arpa
        IN PTR
        Response
      • 204.79.197.237:443
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8fxb-CZYm_AEjwOb6szeb_zVUCUyO2Iw7FBJyWU1R8pnXK1yvcFhffEllyvAEEuXW7rpa-7sxXBzRBUHIn_poem2iIs4jqLYogsOzorovUvDiCh-5p-q094iXq5UcI2SjrDCPeuFe1pfpxuzQrsaUPNHFpXDN3hWWoaaBvr_nl_oeOxkR%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D59d35bb60fdb1914f0093d9da82d3931&TIME=20240426T131149Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E
        tls, http2
        2.5kB
         9.0kB
         19
        17

        HTTP Request

        GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8fxb-CZYm_AEjwOb6szeb_zVUCUyO2Iw7FBJyWU1R8pnXK1yvcFhffEllyvAEEuXW7rpa-7sxXBzRBUHIn_poem2iIs4jqLYogsOzorovUvDiCh-5p-q094iXq5UcI2SjrDCPeuFe1pfpxuzQrsaUPNHFpXDN3hWWoaaBvr_nl_oeOxkR%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D59d35bb60fdb1914f0093d9da82d3931&TIME=20240426T131149Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E

        HTTP Response

        204

        HTTP Request

        GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8fxb-CZYm_AEjwOb6szeb_zVUCUyO2Iw7FBJyWU1R8pnXK1yvcFhffEllyvAEEuXW7rpa-7sxXBzRBUHIn_poem2iIs4jqLYogsOzorovUvDiCh-5p-q094iXq5UcI2SjrDCPeuFe1pfpxuzQrsaUPNHFpXDN3hWWoaaBvr_nl_oeOxkR%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D59d35bb60fdb1914f0093d9da82d3931&TIME=20240426T131149Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E

        HTTP Response

        204
      • 23.62.61.194:443
        https://www.bing.com/aes/c.gif?RG=4fd29284991840ffac98167860493b54&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T131149Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893
        tls, http2
        1.5kB
         5.4kB
         17
        13

        HTTP Request

        GET https://www.bing.com/aes/c.gif?RG=4fd29284991840ffac98167860493b54&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T131149Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893

        HTTP Response

        200
      • 23.62.61.194:443
        https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
        tls, http2
        1.7kB
         6.4kB
         18
        13

        HTTP Request

        GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

        HTTP Response

        200
      • 52.111.227.11:443
        322 B
         7
      • 8.8.8.8:53
        g.bing.com
        dns
        56 B
         151 B
         1
        1

        DNS Request

        g.bing.com

        DNS Response

        204.79.197.237
        13.107.21.237

      • 8.8.8.8:53
        237.197.79.204.in-addr.arpa
        dns
        73 B
         143 B
         1
        1

        DNS Request

        237.197.79.204.in-addr.arpa

      • 8.8.8.8:53
        79.190.18.2.in-addr.arpa
        dns
        70 B
         133 B
         1
        1

        DNS Request

        79.190.18.2.in-addr.arpa

      • 8.8.8.8:53
        95.221.229.192.in-addr.arpa
        dns
        73 B
         144 B
         1
        1

        DNS Request

        95.221.229.192.in-addr.arpa

      • 8.8.8.8:53
        194.61.62.23.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        194.61.62.23.in-addr.arpa

      • 8.8.8.8:53
        76.32.126.40.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        76.32.126.40.in-addr.arpa

      • 8.8.8.8:53
        43.58.199.20.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        43.58.199.20.in-addr.arpa

      • 8.8.8.8:53
        103.169.127.40.in-addr.arpa
        dns
        73 B
         147 B
         1
        1

        DNS Request

        103.169.127.40.in-addr.arpa

      • 8.8.8.8:53
        15.164.165.52.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        15.164.165.52.in-addr.arpa

      • 8.8.8.8:53
        142.53.16.96.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        142.53.16.96.in-addr.arpa

      • 8.8.8.8:53
        240.221.184.93.in-addr.arpa
        dns
        73 B
         144 B
         1
        1

        DNS Request

        240.221.184.93.in-addr.arpa

      • 8.8.8.8:53
        14.227.111.52.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        14.227.111.52.in-addr.arpa

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2492-0-0x0000000010000000-0x0000000010003000-memory.dmp

        Filesize

        12KB

        Download

      • memory/2492-1-0x0000000010000000-0x0000000010003000-memory.dmp

        Filesize

        12KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.