Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://rvianc.com/?bhxvsfgq=5555d6a1972108a069d0245007c206ad4a6b3b3dc31b1e83621d70b9cae348dda788b24c5058777fab081c12588a8576e9dc2fc090f86969e80a904f548d567f was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-05-08 15:12
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-08 15:12
Reported
2024-05-08 15:14
Platform
win10v2004-20240508-en
Max time kernel
132s
Max time network
140s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://rvianc.com/?bhxvsfgq=5555d6a1972108a069d0245007c206ad4a6b3b3dc31b1e83621d70b9cae348dda788b24c5058777fab081c12588a8576e9dc2fc090f86969e80a904f548d567f
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4692,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=3888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4716,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=3808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5252,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5424,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5440,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5488 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5908,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6120,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4140,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=6240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5636,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5628 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=3892,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --field-trial-handle=4148,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=5840 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| DE | 77.37.67.67:443 | rvianc.com | tcp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| DE | 77.37.67.67:443 | rvianc.com | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| DE | 2.19.126.145:443 | bzib.nelreports.net | tcp |
| BE | 2.21.17.194:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.89.28.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.67.37.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.6.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.17.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.126.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.18.125.91:443 | js.hcaptcha.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| BE | 2.17.107.131:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.125.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| US | 104.18.125.91:443 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 104.18.125.91:443 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | imgs3.hcaptcha.com | udp |
| US | 8.8.8.8:53 | imgs3.hcaptcha.com | udp |
| BE | 2.17.107.131:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| DE | 77.37.67.67:443 | rvianc.com | tcp |
| DE | 77.37.67.67:443 | rvianc.com | tcp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 104.18.125.91:443 | imgs3.hcaptcha.com | udp |
| US | 104.18.125.91:443 | imgs3.hcaptcha.com | udp |
| US | 104.18.125.91:443 | imgs3.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| US | 8.8.8.8:53 | rvianc.com | udp |
| US | 8.8.8.8:53 | bushveidminerals.com | udp |
| US | 8.8.8.8:53 | bushveidminerals.com | udp |
| US | 8.8.8.8:53 | bushveidminerals.com | udp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | udp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 152.199.23.37:443 | aadcdn.msftauth.net | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| BE | 2.17.107.129:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 37.23.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| US | 8.8.8.8:53 | bushveidminerals.com | udp |
| GB | 52.98.227.114:443 | outlook.office365.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| US | 8.8.8.8:53 | r4.res.office365.com | udp |
| US | 8.8.8.8:53 | r4.res.office365.com | udp |
| DE | 23.38.98.104:443 | r4.res.office365.com | tcp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.227.98.52.in-addr.arpa | udp |
| DE | 77.37.67.67:443 | bushveidminerals.com | tcp |
| US | 8.8.8.8:53 | 104.98.38.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.71.105.51.in-addr.arpa | udp |
| BE | 2.17.107.121:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 121.107.17.2.in-addr.arpa | udp |