f932aa2f0340d4716875e0ae66c74831fc0b03d8da763e6017ad9c9aceeb08dc

Analysis

max time kernel
141s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
13/05/2024, 13:22 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3fad922049a1864a4ba39298caf995d7_JaffaCakes118.html
Size

17KB
MD5

3fad922049a1864a4ba39298caf995d7
SHA1

7370fab84d454b37fc362f51c79f97c4eef7d48a
SHA256

f932aa2f0340d4716875e0ae66c74831fc0b03d8da763e6017ad9c9aceeb08dc
SHA512

cb74cb0ed815ae32b5960b0bd421151f51cd896b234204341961b8ae3d4381fcbb608e415f2dd287008cf78650e22b33f7e690ba419ffbc0adddaceeeb7c84b0
SSDEEP

384:ss3oYX6Bl2ihokt9Szold/jIBTDRWPBMUldwV2/pOQxRgDstLWR0sRRJvnx0/oWR:ssY2uz6kt9SElVjIMCg//pOQntLm/IoU

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3fad922049a1864a4ba39298caf995d7_JaffaCakes118.html
1⤵
PID:5020

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3776 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:1
1⤵
PID:2356

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5772 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:1
1⤵
PID:4780

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5792 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8
1⤵
PID:1916

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5524 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:1
1⤵
PID:4268

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5460 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8
1⤵
PID:4344

Network

DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-3.uksouth.cloudapp.azure.com

prod-agic-us-3.uksouth.cloudapp.azure.com

IN A

172.165.61.93
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-3.ukwest.cloudapp.azure.com
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.17.5.133
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

96.16.53.162

a416.dscd.akamai.net

IN A

96.16.53.149
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

159.113.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.113.53.23.in-addr.arpa

IN PTR

Response

159.113.53.23.in-addr.arpa

IN PTR

a23-53-113-159deploystaticakamaitechnologiescom
DNS

93.61.165.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

93.61.165.172.in-addr.arpa

IN PTR

Response
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

194.17.21.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.17.21.2.in-addr.arpa

IN PTR

Response

194.17.21.2.in-addr.arpa

IN PTR

a2-21-17-194deploystaticakamaitechnologiescom
DNS

162.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.53.16.96.in-addr.arpa

IN PTR

Response

162.53.16.96.in-addr.arpa

IN PTR

a96-16-53-162deploystaticakamaitechnologiescom
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN A

Response
DNS

1960smovies.com

Remote address:

8.8.8.8:53

Request

1960smovies.com

IN Unknown

Response
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

23.53.113.225
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

79.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.190.18.2.in-addr.arpa

IN PTR

Response

79.190.18.2.in-addr.arpa

IN PTR

a2-18-190-79deploystaticakamaitechnologiescom
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

nw-umwatson.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

nw-umwatson.events.data.microsoft.com

IN A

Response

nw-umwatson.events.data.microsoft.com

IN CNAME

blobcollector.events.data.trafficmanager.net

blobcollector.events.data.trafficmanager.net

IN CNAME

onedsblobprdeus16.eastus.cloudapp.azure.com

onedsblobprdeus16.eastus.cloudapp.azure.com

IN A

52.168.117.173
POST

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

Remote address:

52.168.117.173:443

Request

POST /Telemetry.Request HTTP/1.1
Connection: Keep-Alive
Content-Type: application/xml
User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
Content-Length: 3685
Host: nw-umwatson.events.data.microsoft.com

Response

HTTP/1.1 200 200 OK

Content-Length: 634
Content-Type: text/xml
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Date: Mon, 13 May 2024 13:23:24 GMT
DNS

173.117.168.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.117.168.52.in-addr.arpa

IN PTR

Response
DNS

183.142.211.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.142.211.20.in-addr.arpa

IN PTR

Response
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

139.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.53.16.96.in-addr.arpa

IN PTR

Response

139.53.16.96.in-addr.arpa

IN PTR

a96-16-53-139deploystaticakamaitechnologiescom
DNS

139.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.53.16.96.in-addr.arpa

IN PTR
DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

28.118.140.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.118.140.52.in-addr.arpa

IN PTR

Response
DNS

88.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.61.62.23.in-addr.arpa

IN PTR

Response

88.61.62.23.in-addr.arpa

IN PTR

a23-62-61-88deploystaticakamaitechnologiescom
DNS

77.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.190.18.2.in-addr.arpa

IN PTR

Response

77.190.18.2.in-addr.arpa

IN PTR

a2-18-190-77deploystaticakamaitechnologiescom
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

138.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.61.62.23.in-addr.arpa

IN PTR

Response

138.61.62.23.in-addr.arpa

IN PTR

a23-62-61-138deploystaticakamaitechnologiescom
DNS

131.72.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.72.42.20.in-addr.arpa

IN PTR

Response

172.165.61.93:443

nav-edge.smartscreen.microsoft.com

tls

10.6kB
12.9kB
31
34
13.107.6.158:443

business.bing.com

tls

2.0kB
9.8kB
17
22
96.16.53.162:443

bzib.nelreports.net

tls

2.6kB
5.9kB
13
15
2.21.17.194:443

www.microsoft.com

tls

2.9kB
22.8kB
28
36
142.250.178.138:445

fonts.googleapis.com

260 B
5
142.250.178.138:139

fonts.googleapis.com

260 B
5
13.107.246.64:443

edgestatic.azureedge.net

tls

884 B
271 B
6
4
13.107.246.64:443

edgestatic.azureedge.net

tls

108.9kB
4.6MB
2187
3331
13.107.246.64:443

edgestatic.azureedge.net

tls

1.7kB
7.6kB
13
12
13.107.246.64:443

edgestatic.azureedge.net

tls

8.6kB
272.4kB
124
213
13.107.246.64:443

wcpstatic.microsoft.com

tls

1.8kB
5.6kB
11
12
13.107.246.64:443

edgestatic.azureedge.net

tls

1.7kB
7.6kB
13
11
52.168.117.173:443

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

tls, http

4.9kB
7.6kB
13
11

HTTP Request

POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

HTTP Response

200
172.217.20.206:445

www.google-analytics.com

260 B
5
13.107.253.67:443

46 B
40 B
1
1
172.217.20.206:139

www.google-analytics.com

260 B
5
23.62.61.88:443

www.bing.com

tls

1.0kB
5.1kB
9
11
23.62.61.138:443

www.bing.com

tls

1.7kB
1.3kB
12
10

8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
200 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

172.165.61.93
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
243 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
171 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.17.5.133
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

96.16.53.162

96.16.53.149
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

159.113.53.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

159.113.53.23.in-addr.arpa
8.8.8.8:53

93.61.165.172.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

93.61.165.172.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

194.17.21.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

194.17.21.2.in-addr.arpa
8.8.8.8:53

162.53.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

162.53.16.96.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

1960smovies.com

dns

61 B
134 B
1
1

DNS Request

1960smovies.com
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

23.53.113.225
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
245 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
273 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

79.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

79.190.18.2.in-addr.arpa
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
265 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
280 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

nw-umwatson.events.data.microsoft.com

dns

83 B
211 B
1
1

DNS Request

nw-umwatson.events.data.microsoft.com

DNS Response

52.168.117.173
8.8.8.8:53

173.117.168.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

173.117.168.52.in-addr.arpa
8.8.8.8:53

183.142.211.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

183.142.211.20.in-addr.arpa
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

139.53.16.96.in-addr.arpa

dns

142 B
135 B
2
1

DNS Request

139.53.16.96.in-addr.arpa

DNS Request

139.53.16.96.in-addr.arpa
8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

28.118.140.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

28.118.140.52.in-addr.arpa
8.8.8.8:53

88.61.62.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

88.61.62.23.in-addr.arpa
224.0.0.251:5353

204 B
3
8.8.8.8:53

77.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

77.190.18.2.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

138.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

138.61.62.23.in-addr.arpa
8.8.8.8:53

131.72.42.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

131.72.42.20.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.