Analysis

  • max time kernel
    93s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/05/2024, 03:01 UTC

General

  • Target

    3261b832785018b2049974bb7ef7ff3d_JaffaCakes118.exe

  • Size

    131KB

  • MD5

    3261b832785018b2049974bb7ef7ff3d

  • SHA1

    507065d3f5fcdc7d055d852ff02ed1321ee174e9

  • SHA256

    3cbd0e2c83337c36a6a7ac39947111ea2f758ec34a5a30186a0d460b287e040b

  • SHA512

    c19358a510b3fcbb35baeaafbe678a792414ea4fc15980c9058c72d38c77120921b0af6ccb7efeaff551f48c0d528cb4c7d9684bd624b7052b74740d79144bc2

  • SSDEEP

    1536:xluaBrSh5cTv32SDzZ865vc/7usP5KyS532Sh0BjB72Y9sFV:iaBrK5+uSt5vc/JP5Kt532XBjB72Y2v

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3261b832785018b2049974bb7ef7ff3d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3261b832785018b2049974bb7ef7ff3d_JaffaCakes118.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4752

Network

  • flag-us
    DNS
    g.bing.com
    Remote address:
    8.8.8.8:53
    Request
    g.bing.com
    IN A
    Response
    g.bing.com
    IN CNAME
    g-bing-com.dual-a-0034.a-msedge.net
    g-bing-com.dual-a-0034.a-msedge.net
    IN CNAME
    dual-a-0034.a-msedge.net
    dual-a-0034.a-msedge.net
    IN A
    204.79.197.237
    dual-a-0034.a-msedge.net
    IN A
    13.107.21.237
  • flag-us
    GET
    https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8Est13Qm7jtrOAxlQTNN3BTVUCUz35aO60zruHgcpaQc1LpJ4-h8bKFj2t_sWbe1OZuk5yOPNyo4ndqb9QYZhRtqnApxJHe5pFWf7qHORm6G7kDPYJoSbpMBQBhQPhzmhVL-LFW8nJDQ4HlwleZ3TGdhbMWXwG_rMQmXeyZnE0hn0yp_s%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D9eaf4fd9e600188b100129e28045adb0&TIME=20240508T114741Z&CID=531035994&EID=531035994&tids=15000&adUnitId=11730597&localId=w:F93159F4-8ABC-3E2B-DF73-50B998F17BEB&deviceId=6825829378917981&muid=F93159F48ABC3E2BDF7350B998F17BEB
    Remote address:
    204.79.197.237:443
    Request
    GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8Est13Qm7jtrOAxlQTNN3BTVUCUz35aO60zruHgcpaQc1LpJ4-h8bKFj2t_sWbe1OZuk5yOPNyo4ndqb9QYZhRtqnApxJHe5pFWf7qHORm6G7kDPYJoSbpMBQBhQPhzmhVL-LFW8nJDQ4HlwleZ3TGdhbMWXwG_rMQmXeyZnE0hn0yp_s%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D9eaf4fd9e600188b100129e28045adb0&TIME=20240508T114741Z&CID=531035994&EID=531035994&tids=15000&adUnitId=11730597&localId=w:F93159F4-8ABC-3E2B-DF73-50B998F17BEB&deviceId=6825829378917981&muid=F93159F48ABC3E2BDF7350B998F17BEB HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MUID=08E1DCBA25FD65F91804C8C6241D649F; domain=.bing.com; expires=Thu, 05-Jun-2025 03:01:56 GMT; path=/; SameSite=None; Secure; Priority=High;
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 489CF4F2BBDC4895BF8590D482917C90 Ref B: LON04EDGE1119 Ref C: 2024-05-11T03:01:56Z
    date: Sat, 11 May 2024 03:01:56 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8Est13Qm7jtrOAxlQTNN3BTVUCUz35aO60zruHgcpaQc1LpJ4-h8bKFj2t_sWbe1OZuk5yOPNyo4ndqb9QYZhRtqnApxJHe5pFWf7qHORm6G7kDPYJoSbpMBQBhQPhzmhVL-LFW8nJDQ4HlwleZ3TGdhbMWXwG_rMQmXeyZnE0hn0yp_s%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D9eaf4fd9e600188b100129e28045adb0&TIME=20240508T114741Z&CID=531035994&EID=&tids=15000&adUnitId=11730597&localId=w:F93159F4-8ABC-3E2B-DF73-50B998F17BEB&deviceId=6825829378917981&muid=F93159F48ABC3E2BDF7350B998F17BEB
    Remote address:
    204.79.197.237:443
    Request
    GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8Est13Qm7jtrOAxlQTNN3BTVUCUz35aO60zruHgcpaQc1LpJ4-h8bKFj2t_sWbe1OZuk5yOPNyo4ndqb9QYZhRtqnApxJHe5pFWf7qHORm6G7kDPYJoSbpMBQBhQPhzmhVL-LFW8nJDQ4HlwleZ3TGdhbMWXwG_rMQmXeyZnE0hn0yp_s%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D9eaf4fd9e600188b100129e28045adb0&TIME=20240508T114741Z&CID=531035994&EID=&tids=15000&adUnitId=11730597&localId=w:F93159F4-8ABC-3E2B-DF73-50B998F17BEB&deviceId=6825829378917981&muid=F93159F48ABC3E2BDF7350B998F17BEB HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=08E1DCBA25FD65F91804C8C6241D649F; _EDGE_S=SID=2133268330C86508237B32FF310864F6
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MSPTC=wWVl0akpE6oNEUPBQfAhnlCbDZ7RpbsFlFEZmU5e11Q; domain=.bing.com; expires=Thu, 05-Jun-2025 03:01:56 GMT; path=/; Partitioned; secure; SameSite=None
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: BACFB3CEB20C441396B4B0EC78C7DBCC Ref B: LON04EDGE1119 Ref C: 2024-05-11T03:01:56Z
    date: Sat, 11 May 2024 03:01:56 GMT
  • flag-nl
    GET
    https://www.bing.com/aes/c.gif?RG=d463501860634adaab94b3597e315249&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T114741Z&adUnitId=11730597&localId=w:F93159F4-8ABC-3E2B-DF73-50B998F17BEB&deviceId=6825829378917981
    Remote address:
    23.62.61.194:443
    Request
    GET /aes/c.gif?RG=d463501860634adaab94b3597e315249&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T114741Z&adUnitId=11730597&localId=w:F93159F4-8ABC-3E2B-DF73-50B998F17BEB&deviceId=6825829378917981 HTTP/2.0
    host: www.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=08E1DCBA25FD65F91804C8C6241D649F
    Response
    HTTP/2.0 200
    cache-control: private,no-store
    pragma: no-cache
    vary: Origin
    p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 68FF2F26BF4C4EDCB9CC63C48FC6CBF6 Ref B: DUS30EDGE0416 Ref C: 2024-05-11T03:01:56Z
    content-length: 0
    date: Sat, 11 May 2024 03:01:56 GMT
    set-cookie: _EDGE_S=SID=2133268330C86508237B32FF310864F6; path=/; httponly; domain=bing.com
    set-cookie: MUIDB=08E1DCBA25FD65F91804C8C6241D649F; path=/; httponly; expires=Thu, 05-Jun-2025 03:01:56 GMT
    alt-svc: h3=":443"; ma=93600
    x-cdn-traceid: 0.be3d3e17.1715396516.416f784
  • flag-us
    DNS
    36.56.20.217.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    36.56.20.217.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    69.31.126.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    69.31.126.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    237.197.79.204.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    237.197.79.204.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    194.61.62.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    194.61.62.23.in-addr.arpa
    IN PTR
    Response
    194.61.62.23.in-addr.arpa
    IN PTR
    a23-62-61-194.deploy.static.akamaitechnologies.com
  • flag-nl
    GET
    https://www.bing.com/th?id=OADD2.10239356736264_1E1NQW5LZ8SVSGPEK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
    Remote address:
    23.62.61.194:443
    Request
    GET /th?id=OADD2.10239356736264_1E1NQW5LZ8SVSGPEK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
    host: www.bing.com
    accept: */*
    cookie: MUID=08E1DCBA25FD65F91804C8C6241D649F; _EDGE_S=SID=2133268330C86508237B32FF310864F6; MSPTC=wWVl0akpE6oNEUPBQfAhnlCbDZ7RpbsFlFEZmU5e11Q; MUIDB=08E1DCBA25FD65F91804C8C6241D649F
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-type: image/png
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    content-length: 999
    date: Sat, 11 May 2024 03:01:57 GMT
    alt-svc: h3=":443"; ma=93600
    x-cdn-traceid: 0.be3d3e17.1715396517.416f814

MITRE ATT&CK Matrix

Downloads

  • memory/4752-0-0x00007FFE7B8E3000-0x00007FFE7B8E5000-memory.dmp

    Filesize

    8KB

  • memory/4752-1-0x00000000003A0000-0x00000000003C6000-memory.dmp

    Filesize

    152KB

  • memory/4752-2-0x0000000000C70000-0x0000000000C7A000-memory.dmp

    Filesize

    40KB

  • memory/4752-3-0x0000000002530000-0x0000000002538000-memory.dmp

    Filesize

    32KB
