80edb6ae39e5e9e6b5f342b6bc92ad3e818348240a247a86bbdc30c73efd7b69

Analysis

max time kernel
141s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/05/2024, 04:28 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

23321a75c3f4af8c3be25cee1cf4cff7_JaffaCakes118.html
Size

201KB
MD5

23321a75c3f4af8c3be25cee1cf4cff7
SHA1

ee5e9991c366c5e15a0fa72c84e124a05c6d9234
SHA256

80edb6ae39e5e9e6b5f342b6bc92ad3e818348240a247a86bbdc30c73efd7b69
SHA512

61cb18923526de65d21f9bac9456fac65e28dc65ff89991abfff9d6b9eacacb6f3a70d243fc52ac38c03a9e4dd996013dc1c77ae502ba4e0a9507f9954839108
SSDEEP

1536:kaqMtwbyJxzvxPCzHuTc/tDXssOs6vSAyop/2haHkvsGvM:dqVDXIFL

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\23321a75c3f4af8c3be25cee1cf4cff7_JaffaCakes118.html
1⤵
PID:2548

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=1348 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:1
1⤵
PID:4352

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5732 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:1
1⤵
PID:4584

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5716 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8
1⤵
PID:1724

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=2000 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:1
1⤵
PID:704

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5496 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:1
1⤵
PID:2036

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5004 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8
1⤵
PID:736

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5788 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8
1⤵
PID:4564

Network

DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-3.uksouth.cloudapp.azure.com

prod-agic-us-3.uksouth.cloudapp.azure.com

IN A

172.165.61.93
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

159.113.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.113.53.23.in-addr.arpa

IN PTR

Response

159.113.53.23.in-addr.arpa

IN PTR

a23-53-113-159deploystaticakamaitechnologiescom
DNS

93.61.165.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

93.61.165.172.in-addr.arpa

IN PTR

Response
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

96.16.53.149

a416.dscd.akamai.net

IN A

96.16.53.156
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

razgovorchik.ru

Remote address:

8.8.8.8:53

Request

razgovorchik.ru

IN A

Response

razgovorchik.ru

IN A

31.31.205.163
DNS

razgovorchik.ru

Remote address:

8.8.8.8:53

Request

razgovorchik.ru

IN Unknown

Response
DNS

masterhost.ru

Remote address:

8.8.8.8:53

Request

masterhost.ru

IN A

Response

masterhost.ru

IN A

90.156.132.125
DNS

masterhost.ru

Remote address:

8.8.8.8:53

Request

masterhost.ru

IN Unknown

Response
GET

http://razgovorchik.ru/style_images/razgovorchik/menu/lb.gif

Remote address:

31.31.205.163:80

Request

GET /style_images/razgovorchik/menu/lb.gif HTTP/1.1
Host: razgovorchik.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html
Content-Length: 1468
Date: Wed, 08 May 2024 04:28:17 GMT
Server: lighttpd/1.4.45
GET

http://razgovorchik.ru/style_images/razgovorchik/menu/foto1.gif

Remote address:

31.31.205.163:80

Request

GET /style_images/razgovorchik/menu/foto1.gif HTTP/1.1
Host: razgovorchik.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html
Content-Length: 1468
Date: Wed, 08 May 2024 04:28:17 GMT
Server: lighttpd/1.4.45
GET

http://razgovorchik.ru/style_images/razgovorchik/menu/find.gif

Remote address:

31.31.205.163:80

Request

GET /style_images/razgovorchik/menu/find.gif HTTP/1.1
Host: razgovorchik.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html
Content-Length: 1468
Date: Wed, 08 May 2024 04:28:17 GMT
Server: lighttpd/1.4.45
GET

http://razgovorchik.ru/style_images/razgovorchik/menu/info.gif

Remote address:

31.31.205.163:80

Request

GET /style_images/razgovorchik/menu/info.gif HTTP/1.1
Host: razgovorchik.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html
Content-Length: 1468
Date: Wed, 08 May 2024 04:28:17 GMT
Server: lighttpd/1.4.45
GET

http://razgovorchik.ru/style_images/razgovorchik/menu/faq.gif

Remote address:

31.31.205.163:80

Request

GET /style_images/razgovorchik/menu/faq.gif HTTP/1.1
Host: razgovorchik.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html
Content-Length: 1468
Date: Wed, 08 May 2024 04:28:17 GMT
Server: lighttpd/1.4.45
GET

http://razgovorchik.ru/style_images/razgovorchik/menu/users.gif

Remote address:

31.31.205.163:80

Request

GET /style_images/razgovorchik/menu/users.gif HTTP/1.1
Host: razgovorchik.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html
Content-Length: 1468
Date: Wed, 08 May 2024 04:28:17 GMT
Server: lighttpd/1.4.45
GET

http://masterhost.ru/client/buttons/88x31/15.gif

Remote address:

90.156.132.125:80

Request

GET /client/buttons/88x31/15.gif HTTP/1.1
Host: masterhost.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: ddos-guard
Date: Wed, 08 May 2024 04:28:17 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://masterhost.ru/client/buttons/88x31/15.gif
Content-Type: text/html; charset=utf8
Content-Length: 568
DNS

bs.yandex.ru

Remote address:

8.8.8.8:53

Request

bs.yandex.ru

IN A

Response

bs.yandex.ru

IN A

213.180.193.90

bs.yandex.ru

IN A

87.250.250.90

bs.yandex.ru

IN A

93.158.134.90

bs.yandex.ru

IN A

77.88.21.90

bs.yandex.ru

IN A

213.180.204.90
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
GET

http://razgovorchik.ru/style_images/razgovorchik/menu/dn.gif

Remote address:

31.31.205.163:80

Request

GET /style_images/razgovorchik/menu/dn.gif HTTP/1.1
Host: razgovorchik.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html
Content-Length: 1468
Date: Wed, 08 May 2024 04:28:18 GMT
Server: lighttpd/1.4.45
DNS

masterhost.ru

Remote address:

8.8.8.8:53

Request

masterhost.ru

IN A

Response

masterhost.ru

IN A

90.156.132.125
DNS

masterhost.ru

Remote address:

8.8.8.8:53

Request

masterhost.ru

IN Unknown

Response
DNS

ads.serveuser.com

Remote address:

8.8.8.8:53

Request

ads.serveuser.com

IN A

Response

ads.serveuser.com

IN A

41.212.227.208
DNS

ads.serveuser.com

Remote address:

8.8.8.8:53

Request

ads.serveuser.com

IN Unknown

Response
DNS

ads.serveuser.com

Remote address:

8.8.8.8:53

Request

ads.serveuser.com

IN A

Response

ads.serveuser.com

IN A

41.212.227.208
DNS

181.97.55.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.97.55.23.in-addr.arpa

IN PTR

Response

181.97.55.23.in-addr.arpa

IN PTR

a23-55-97-181deploystaticakamaitechnologiescom
DNS

149.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.53.16.96.in-addr.arpa

IN PTR

Response

149.53.16.96.in-addr.arpa

IN PTR

a96-16-53-149deploystaticakamaitechnologiescom
DNS

163.205.31.31.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.205.31.31.in-addr.arpa

IN PTR

Response

163.205.31.31.in-addr.arpa

IN PTR

ns1 domainparkingintregru
DNS

125.132.156.90.in-addr.arpa

Remote address:

8.8.8.8:53

Request

125.132.156.90.in-addr.arpa

IN PTR

Response

125.132.156.90.in-addr.arpa

IN PTR

masterhostru
DNS

dd.cb.b0.a1.top.list.ru

Remote address:

8.8.8.8:53

Request

dd.cb.b0.a1.top.list.ru

IN A

Response

dd.cb.b0.a1.top.list.ru

IN CNAME

top-fwz1.mail.ru

top-fwz1.mail.ru

IN A

95.163.52.67
DNS

dd.cb.b0.a1.top.list.ru

Remote address:

8.8.8.8:53

Request

dd.cb.b0.a1.top.list.ru

IN Unknown

Response

dd.cb.b0.a1.top.list.ru

IN CNAME

top-fwz1.mail.ru
DNS

counter.yadro.ru

Remote address:

8.8.8.8:53

Request

counter.yadro.ru

IN A

Response

counter.yadro.ru

IN A

88.212.201.198

counter.yadro.ru

IN A

88.212.201.204

counter.yadro.ru

IN A

88.212.202.52
DNS

counter.yadro.ru

Remote address:

8.8.8.8:53

Request

counter.yadro.ru

IN Unknown

Response
GET

http://counter.yadro.ru/hit?t14.1;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/23321a75c3f4af8c3be25cee1cf4cff7_JaffaCakes118.html;0.4240286419057162

Remote address:

88.212.201.198:80

Request

GET /hit?t14.1;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/23321a75c3f4af8c3be25cee1cf4cff7_JaffaCakes118.html;0.4240286419057162 HTTP/1.1
Host: counter.yadro.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Wed, 08 May 2024 04:28:18 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t14.1;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/23321a75c3f4af8c3be25cee1cf4cff7_JaffaCakes118.html;0.4240286419057162
Content-Length: 32
Expires: Mon, 08 May 2023 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
GET

http://dd.cb.b0.a1.top.list.ru/counter?id=1097164;t=211;js=13;r=;j=false;s=1280*720;d=24;rand=0.7271286939509127

Remote address:

95.163.52.67:80

Request

GET /counter?id=1097164;t=211;js=13;r=;j=false;s=1280*720;d=24;rand=0.7271286939509127 HTTP/1.1
Host: dd.cb.b0.a1.top.list.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: nginx
Date: Wed, 08 May 2024 04:28:18 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://top-fwz1.mail.ru/counter?id=1097164;t=211;js=13;r=;j=false;s=1280*720;d=24;rand=0.7271286939509127;ver=30
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: private, no-cache, no-store, max-age=0
Pragma: no-cache
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400
DNS

top-fwz1.mail.ru

Remote address:

8.8.8.8:53

Request

top-fwz1.mail.ru

IN A

Response

top-fwz1.mail.ru

IN A

95.163.52.67
DNS

top-fwz1.mail.ru

Remote address:

8.8.8.8:53

Request

top-fwz1.mail.ru

IN Unknown

Response
DNS

counter.yadro.ru

Remote address:

8.8.8.8:53

Request

counter.yadro.ru

IN A

Response

counter.yadro.ru

IN A

88.212.202.52

counter.yadro.ru

IN A

88.212.201.204

counter.yadro.ru

IN A

88.212.201.198
DNS

counter.yadro.ru

Remote address:

8.8.8.8:53

Request

counter.yadro.ru

IN Unknown

Response
DNS

67.52.163.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.52.163.95.in-addr.arpa

IN PTR

Response

67.52.163.95.in-addr.arpa

IN PTR

top-fwz1mailru
DNS

198.201.212.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.201.212.88.in-addr.arpa

IN PTR

Response

198.201.212.88.in-addr.arpa

IN CNAME

198.192/26.201.212.88.in-addr.arpa

198.192/26.201.212.88.in-addr.arpa

IN PTR

host198raxru
DNS

14.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.180.250.142.in-addr.arpa

IN PTR

Response

14.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f141e100net
DNS

58.55.71.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.55.71.13.in-addr.arpa

IN PTR

Response
DNS

52.202.212.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.202.212.88.in-addr.arpa

IN PTR

Response

52.202.212.88.in-addr.arpa

IN CNAME

52.0/26.202.212.88.in-addr.arpa

52.0/26.202.212.88.in-addr.arpa

IN PTR

host152raxru
DNS

79.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.190.18.2.in-addr.arpa

IN PTR

Response

79.190.18.2.in-addr.arpa

IN PTR

a2-18-190-79deploystaticakamaitechnologiescom
DNS

bs.yandex.ru

Remote address:

8.8.8.8:53

Request

bs.yandex.ru

IN A

Response

bs.yandex.ru

IN A

213.180.193.90

bs.yandex.ru

IN A

77.88.21.90

bs.yandex.ru

IN A

93.158.134.90

bs.yandex.ru

IN A

87.250.250.90

bs.yandex.ru

IN A

213.180.204.90
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

23.53.113.225
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

72.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.32.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

nw-umwatson.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

nw-umwatson.events.data.microsoft.com

IN A

Response

nw-umwatson.events.data.microsoft.com

IN CNAME

blobcollector.events.data.trafficmanager.net

blobcollector.events.data.trafficmanager.net

IN CNAME

onedsblobprdwus17.westus.cloudapp.azure.com

onedsblobprdwus17.westus.cloudapp.azure.com

IN A

20.189.173.22
POST

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

Remote address:

20.189.173.22:443

Request

POST /Telemetry.Request HTTP/1.1
Connection: Keep-Alive
Content-Type: application/xml
User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
Content-Length: 3685
Host: nw-umwatson.events.data.microsoft.com

Response

HTTP/1.1 200 200 OK

Content-Length: 634
Content-Type: text/xml
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Date: Wed, 08 May 2024 04:28:38 GMT
DNS

22.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.173.189.20.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

mc.yandex.ru

Remote address:

8.8.8.8:53

Request

mc.yandex.ru

IN A

Response

mc.yandex.ru

IN A

87.250.251.119

mc.yandex.ru

IN A

93.158.134.119

mc.yandex.ru

IN A

77.88.21.119

mc.yandex.ru

IN A

87.250.250.119
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

mc.yandex.ru

Remote address:

8.8.8.8:53

Request

mc.yandex.ru

IN A

Response

mc.yandex.ru

IN A

87.250.251.119

mc.yandex.ru

IN A

93.158.134.119

mc.yandex.ru

IN A

77.88.21.119

mc.yandex.ru

IN A

87.250.250.119
DNS

97.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.61.62.23.in-addr.arpa

IN PTR

Response

97.61.62.23.in-addr.arpa

IN PTR

a23-62-61-97deploystaticakamaitechnologiescom
DNS

77.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.190.18.2.in-addr.arpa

IN PTR

Response

77.190.18.2.in-addr.arpa

IN PTR

a2-18-190-77deploystaticakamaitechnologiescom
DNS

194.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.61.62.23.in-addr.arpa

IN PTR

Response

194.61.62.23.in-addr.arpa

IN PTR

a23-62-61-194deploystaticakamaitechnologiescom
DNS

168.117.168.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.117.168.52.in-addr.arpa

IN PTR

Response

13.107.6.158:443

business.bing.com

tls

2.0kB
9.8kB
17
22
172.165.61.93:443

nav-edge.smartscreen.microsoft.com

tls

12.6kB
14.0kB
36
36
23.55.97.181:443

www.microsoft.com

tls

2.8kB
22.8kB
26
36
96.16.53.149:443

bzib.nelreports.net

tls

2.5kB
6.0kB
12
15
31.31.205.163:80

http://razgovorchik.ru/style_images/razgovorchik/menu/lb.gif

http

716 B
1.8kB
7
5

HTTP Request

GET http://razgovorchik.ru/style_images/razgovorchik/menu/lb.gif

HTTP Response

404
31.31.205.163:80

http://razgovorchik.ru/style_images/razgovorchik/menu/foto1.gif

http

667 B
1.8kB
6
5

HTTP Request

GET http://razgovorchik.ru/style_images/razgovorchik/menu/foto1.gif

HTTP Response

404
31.31.205.163:80

http://razgovorchik.ru/style_images/razgovorchik/menu/find.gif

http

666 B
1.8kB
6
5

HTTP Request

GET http://razgovorchik.ru/style_images/razgovorchik/menu/find.gif

HTTP Response

404
31.31.205.163:80

http://razgovorchik.ru/style_images/razgovorchik/menu/info.gif

http

718 B
1.8kB
7
5

HTTP Request

GET http://razgovorchik.ru/style_images/razgovorchik/menu/info.gif

HTTP Response

404
31.31.205.163:80

http://razgovorchik.ru/style_images/razgovorchik/menu/faq.gif

http

665 B
1.8kB
6
5

HTTP Request

GET http://razgovorchik.ru/style_images/razgovorchik/menu/faq.gif

HTTP Response

404
31.31.205.163:80

http://razgovorchik.ru/style_images/razgovorchik/menu/users.gif

http

667 B
1.8kB
6
5

HTTP Request

GET http://razgovorchik.ru/style_images/razgovorchik/menu/users.gif

HTTP Response

404
90.156.132.125:80

http://masterhost.ru/client/buttons/88x31/15.gif

http

698 B
1.1kB
7
7

HTTP Request

GET http://masterhost.ru/client/buttons/88x31/15.gif

HTTP Response

301
31.31.205.163:80

http://razgovorchik.ru/style_images/razgovorchik/menu/dn.gif

http

664 B
1.8kB
6
5

HTTP Request

GET http://razgovorchik.ru/style_images/razgovorchik/menu/dn.gif

HTTP Response

404
213.180.193.90:445

bs.yandex.ru

260 B
5
90.156.132.125:443

masterhost.ru

tls

1.8kB
8.8kB
18
24
41.212.227.208:80

ads.serveuser.com

260 B
5
41.212.227.208:80

ads.serveuser.com

260 B
5
88.212.201.198:80

http://counter.yadro.ru/hit?t14.1;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/23321a75c3f4af8c3be25cee1cf4cff7_JaffaCakes118.html;0.4240286419057162

http

770 B
599 B
6
4

HTTP Request

GET http://counter.yadro.ru/hit?t14.1;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/23321a75c3f4af8c3be25cee1cf4cff7_JaffaCakes118.html;0.4240286419057162

HTTP Response

302
95.163.52.67:80

http://dd.cb.b0.a1.top.list.ru/counter?id=1097164;t=211;js=13;r=;j=false;s=1280*720;d=24;rand=0.7271286939509127

http

762 B
1.2kB
7
6

HTTP Request

GET http://dd.cb.b0.a1.top.list.ru/counter?id=1097164;t=211;js=13;r=;j=false;s=1280*720;d=24;rand=0.7271286939509127

HTTP Response

302
95.163.52.67:443

top-fwz1.mail.ru

tls

2.0kB
8.4kB
17
19
87.250.250.90:445

bs.yandex.ru

260 B
5
93.158.134.90:445

bs.yandex.ru

260 B
5
77.88.21.90:445

bs.yandex.ru

260 B
5
213.180.204.90:445

bs.yandex.ru

260 B
5
88.212.202.52:443

counter.yadro.ru

tls

1.8kB
4.0kB
12
9
13.107.246.64:443

edgestatic.azureedge.net

tls

95.0kB
4.6MB
1942
3326
13.107.246.64:443

edgestatic.azureedge.net

98 B
52 B
2
1
13.107.246.64:443

edgestatic.azureedge.net

98 B
52 B
2
1
20.189.173.22:443

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

tls, http

4.9kB
7.6kB
13
11

HTTP Request

POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

HTTP Response

200
13.107.253.67:443

46 B
40 B
1
1
87.250.251.119:445

mc.yandex.ru

260 B
5
93.158.134.119:445

mc.yandex.ru

260 B
5
77.88.21.119:445

mc.yandex.ru

260 B
5
87.250.250.119:445

mc.yandex.ru

260 B
5
13.107.246.64:443

edgestatic.azureedge.net

tls

11.2kB
272.4kB
181
213
13.107.246.64:443

wcpstatic.microsoft.com

tls

4.2kB
91.0kB
52
78
23.62.61.97:443

www.bing.com

tls

1.0kB
5.1kB
9
11
23.62.61.194:443

www.bing.com

tls

1.2kB
906 B
7
7

8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
200 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

172.165.61.93
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
244 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

159.113.53.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

159.113.53.23.in-addr.arpa
8.8.8.8:53

93.61.165.172.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

93.61.165.172.in-addr.arpa
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

96.16.53.149

96.16.53.156
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

razgovorchik.ru

dns

61 B
77 B
1
1

DNS Request

razgovorchik.ru

DNS Response

31.31.205.163
8.8.8.8:53

razgovorchik.ru

dns

61 B
116 B
1
1

DNS Request

razgovorchik.ru
8.8.8.8:53

masterhost.ru

dns

59 B
75 B
1
1

DNS Request

masterhost.ru

DNS Response

90.156.132.125
8.8.8.8:53

masterhost.ru

dns

59 B
110 B
1
1

DNS Request

masterhost.ru
8.8.8.8:53

bs.yandex.ru

dns

58 B
138 B
1
1

DNS Request

bs.yandex.ru

DNS Response

213.180.193.90

87.250.250.90

93.158.134.90

77.88.21.90

213.180.204.90
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

masterhost.ru

dns

59 B
75 B
1
1

DNS Request

masterhost.ru

DNS Response

90.156.132.125
8.8.8.8:53

masterhost.ru

dns

59 B
110 B
1
1

DNS Request

masterhost.ru
8.8.8.8:53

ads.serveuser.com

dns

63 B
79 B
1
1

DNS Request

ads.serveuser.com

DNS Response

41.212.227.208
8.8.8.8:53

ads.serveuser.com

dns

63 B
128 B
1
1

DNS Request

ads.serveuser.com
8.8.8.8:53

ads.serveuser.com

dns

63 B
79 B
1
1

DNS Request

ads.serveuser.com

DNS Response

41.212.227.208
8.8.8.8:53

181.97.55.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

181.97.55.23.in-addr.arpa
8.8.8.8:53

149.53.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

149.53.16.96.in-addr.arpa
8.8.8.8:53

163.205.31.31.in-addr.arpa

dns

72 B
114 B
1
1

DNS Request

163.205.31.31.in-addr.arpa
8.8.8.8:53

125.132.156.90.in-addr.arpa

dns

73 B
100 B
1
1

DNS Request

125.132.156.90.in-addr.arpa
8.8.8.8:53

dd.cb.b0.a1.top.list.ru

dns

69 B
113 B
1
1

DNS Request

dd.cb.b0.a1.top.list.ru

DNS Response

95.163.52.67
8.8.8.8:53

dd.cb.b0.a1.top.list.ru

dns

69 B
149 B
1
1

DNS Request

dd.cb.b0.a1.top.list.ru
8.8.8.8:53

counter.yadro.ru

dns

62 B
110 B
1
1

DNS Request

counter.yadro.ru

DNS Response

88.212.201.198

88.212.201.204

88.212.202.52
8.8.8.8:53

counter.yadro.ru

dns

62 B
112 B
1
1

DNS Request

counter.yadro.ru
8.8.8.8:53

top-fwz1.mail.ru

dns

62 B
78 B
1
1

DNS Request

top-fwz1.mail.ru

DNS Response

95.163.52.67
8.8.8.8:53

top-fwz1.mail.ru

dns

62 B
114 B
1
1

DNS Request

top-fwz1.mail.ru
8.8.8.8:53

counter.yadro.ru

dns

62 B
110 B
1
1

DNS Request

counter.yadro.ru

DNS Response

88.212.202.52

88.212.201.204

88.212.201.198
8.8.8.8:53

counter.yadro.ru

dns

62 B
112 B
1
1

DNS Request

counter.yadro.ru
8.8.8.8:53

67.52.163.95.in-addr.arpa

dns

71 B
101 B
1
1

DNS Request

67.52.163.95.in-addr.arpa
8.8.8.8:53

198.201.212.88.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

198.201.212.88.in-addr.arpa
8.8.8.8:53

14.180.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.180.250.142.in-addr.arpa
8.8.8.8:53

58.55.71.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

58.55.71.13.in-addr.arpa
8.8.8.8:53

52.202.212.88.in-addr.arpa

dns

72 B
122 B
1
1

DNS Request

52.202.212.88.in-addr.arpa
8.8.8.8:53

79.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

79.190.18.2.in-addr.arpa
8.8.8.8:53

bs.yandex.ru

dns

58 B
138 B
1
1

DNS Request

bs.yandex.ru

DNS Response

213.180.193.90

77.88.21.90

93.158.134.90

87.250.250.90

213.180.204.90
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
245 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
273 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

23.53.113.225
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

72.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

72.32.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

nw-umwatson.events.data.microsoft.com

dns

83 B
211 B
1
1

DNS Request

nw-umwatson.events.data.microsoft.com

DNS Response

20.189.173.22
8.8.8.8:53

22.173.189.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

22.173.189.20.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

mc.yandex.ru

dns

58 B
122 B
1
1

DNS Request

mc.yandex.ru

DNS Response

87.250.251.119

93.158.134.119

77.88.21.119

87.250.250.119
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
265 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
280 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

mc.yandex.ru

dns

58 B
122 B
1
1

DNS Request

mc.yandex.ru

DNS Response

87.250.251.119

93.158.134.119

77.88.21.119

87.250.250.119
8.8.8.8:53

97.61.62.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

97.61.62.23.in-addr.arpa
224.0.0.251:5353

204 B
3
8.8.8.8:53

77.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

77.190.18.2.in-addr.arpa
8.8.8.8:53

194.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

194.61.62.23.in-addr.arpa
8.8.8.8:53

168.117.168.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

168.117.168.52.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request