Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14/05/2024, 00:56 UTC

General

  • Target

    3d4806db5d8cb4a51e2f380f8a0d3682_JaffaCakes118.html

  • Size

    43KB

  • MD5

    3d4806db5d8cb4a51e2f380f8a0d3682

  • SHA1

    cfb58b8daba5da869efdc4ffb85e6a4c28b195c9

  • SHA256

    dd75b1cef450e2b26a37010a19a2cb5b5bfab7c9c83d41ba39cfc95a28919ca0

  • SHA512

    61c2904acc6de62262491098162d5366d6c80d7fa2c72637d55daa30cbce9d4062296315e447713881260acfdc52d93412e855c235a9312e46b60f671372c222

  • SSDEEP

    768:1I+vbG2+0MGi+vZGIikHhGRGXiOgOeGBGlGslstxFOs/wOenX:K+vt+0U+v5ikH/iOgOdFnYO4

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3d4806db5d8cb4a51e2f380f8a0d3682_JaffaCakes118.html
    PID:3148
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3404 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:1
      PID:4004
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4880 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:1
      PID:4896
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5404 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:8
      PID:2148
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5804 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:1
      PID:2336
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5856 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:8
      PID:4532
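The process list shows msedge.exe opening the submitted .html from the Temp directory; the requests the sandbox then recorded under Network are resources that file references. The following added example, which is not part of the tria.ge report, performs that enumeration statically with Python's standard-library HTML parser, so the remote hosts a sample will contact can be listed before, or instead of, detonating it. SAMPLE_HTML is a constructed stand-in modelled on the paths the sandbox observed (osCommerce-style /apothecary/ resources on cdd.net.ua), not the analysed file's content, and the tag/attribute table is an assumption covering the common auto-fetched attributes only (CSS url() references and script-initiated loads are out of scope).

```python
"""Static enumeration of the remote resources an HTML file will fetch when
opened, so the hosts a sample contacts can be listed without detonating it.

Added example, not part of the tria.ge report. SAMPLE_HTML is a constructed
stand-in modelled on the paths the sandbox observed (osCommerce-style
/apothecary/ resources on cdd.net.ua); it is not the analysed file's content.
"""
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Tag/attribute pairs the browser fetches while parsing, without user action.
# Assumed, not exhaustive: CSS url(...) and script-initiated loads are out of scope.
FETCH_ATTRS = {
    "img": ("src", "srcset"), "link": ("href",), "script": ("src",),
    "iframe": ("src",), "frame": ("src",), "embed": ("src",),
    "object": ("data",), "source": ("src",), "video": ("src", "poster"),
    "audio": ("src",), "input": ("src",),
    "body": ("background",), "table": ("background",), "td": ("background",),
}
# <link> only auto-fetches for these rel values (rel=canonical etc. do not).
FETCHING_LINK_RELS = {"stylesheet", "icon", "shortcut", "preload", "prefetch"}


class ResourceCollector(HTMLParser):
    """Collect URLs referenced by auto-fetching attributes, in document order."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        wanted = FETCH_ATTRS.get(tag)
        if not wanted:
            return
        attrs = dict(attrs)
        if tag == "link":
            rel = set((attrs.get("rel") or "").lower().split())
            if not rel & FETCHING_LINK_RELS:
                return
        for name in wanted:
            value = attrs.get(name)
            if not value:
                continue
            if name == "srcset":  # "url1 1x, url2 2x" -> each candidate URL
                self.urls.extend(c.strip().split()[0] for c in value.split(",") if c.strip())
            else:
                self.urls.append(value.strip())


def external_references(html: str) -> list[str]:
    """Absolute http(s) URLs the page fetches on load, de-duplicated, in order.

    Relative paths are dropped: a local .html file resolves them against
    file://, so they never reach the network.
    """
    parser = ResourceCollector()
    parser.feed(html)
    parser.close()
    urls = [u for u in parser.urls
            if urlsplit(u).scheme in ("http", "https") and urlsplit(u).netloc]
    return list(dict.fromkeys(urls))


def contacted_hosts(urls: list[str]) -> list[str]:
    """Distinct hostnames across the references, sorted."""
    return sorted({urlsplit(u).hostname for u in urls})


# Constructed input mirroring the sandbox-observed paths; not the real sample.
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" type="text/css" href="http://cdd.net.ua/apothecary/stylesheet.css">
<link rel="canonical" href="http://example.invalid/not-fetched-on-load">
</head><body>
<img src="http://cdd.net.ua/apothecary/images/store_logo.png">
<img src="http://cdd.net.ua/apothecary/images/pixel_trans.gif" width="1" height="1">
<img src="images/local_only.gif">
<table background="http://cdd.net.ua/apothecary/images/back.gif"><tr><td></td></tr></table>
<img src="http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif">
<a href="http://cdd.net.ua/apothecary/index.php">fetched only when clicked</a>
</body></html>"""

if __name__ == "__main__":
    refs = external_references(SAMPLE_HTML)
    print("\n".join(refs))
    print("hosts:", ", ".join(contacted_hosts(refs)))
```

Run against the constructed page, this lists the five cdd.net.ua resources and ignores the canonical link, the anchor and the relative image path, which matches the kind of request set the sandbox recorded. Comparing the static list with the detonation's Network section is a quick way to spot hosts that only appear at runtime (script-built URLs, redirects), which is where a static pass alone falls short.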

Network

              • flag-us
                DNS
                159.113.53.23.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                159.113.53.23.in-addr.arpa
                IN PTR
                Response
                159.113.53.23.in-addr.arpa
                IN PTR
                 a23-53-113-159.deploy.static.akamaitechnologies.com
              • flag-us
                DNS
                nav-edge.smartscreen.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nav-edge.smartscreen.microsoft.com
                IN A
                Response
                nav-edge.smartscreen.microsoft.com
                IN CNAME
                tm-prod-wd-csp-edge.trafficmanager.net
                tm-prod-wd-csp-edge.trafficmanager.net
                IN CNAME
                prod-agic-uw-2.ukwest.cloudapp.azure.com
                prod-agic-uw-2.ukwest.cloudapp.azure.com
                IN A
                51.140.244.186
              • flag-us
                DNS
                nav-edge.smartscreen.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nav-edge.smartscreen.microsoft.com
                IN Unknown
                Response
                nav-edge.smartscreen.microsoft.com
                IN CNAME
                tm-prod-wd-csp-edge.trafficmanager.net
                tm-prod-wd-csp-edge.trafficmanager.net
                IN CNAME
                prod-agic-uw-2.ukwest.cloudapp.azure.com
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                2.21.17.194
              • flag-us
                DNS
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN A
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
                business-bing-com.b-0005.b-msedge.net
                IN CNAME
                b-0005.b-msedge.net
                b-0005.b-msedge.net
                IN A
                13.107.6.158
              • flag-us
                DNS
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN Unknown
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
                business-bing-com.b-0005.b-msedge.net
                IN CNAME
                b-0005.b-msedge.net
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                2.21.17.194
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN Unknown
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
              • flag-us
                DNS
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN A
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
                a416.dscd.akamai.net
                IN A
                2.18.121.23
                a416.dscd.akamai.net
                IN A
                2.18.121.10
              • flag-us
                DNS
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN Unknown
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                2.21.17.194
              • flag-us
                DNS
                194.17.21.2.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                194.17.21.2.in-addr.arpa
                IN PTR
                Response
                194.17.21.2.in-addr.arpa
                IN PTR
                 a2-21-17-194.deploy.static.akamaitechnologies.com
              • flag-us
                DNS
                23.121.18.2.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                23.121.18.2.in-addr.arpa
                IN PTR
                Response
                23.121.18.2.in-addr.arpa
                IN PTR
                 a2-18-121-23.deploy.static.akamaitechnologies.com
              • flag-us
                DNS
                edgestatic.azureedge.net
                Remote address:
                8.8.8.8:53
                Request
                edgestatic.azureedge.net
                IN A
                Response
                edgestatic.azureedge.net
                IN CNAME
                edgestatic.afd.azureedge.net
                edgestatic.afd.azureedge.net
                IN CNAME
                azureedge-t-prod.trafficmanager.net
                azureedge-t-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.246.64
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.213.64
              • flag-us
                DNS
                edgestatic.azureedge.net
                Remote address:
                8.8.8.8:53
                Request
                edgestatic.azureedge.net
                IN Unknown
                Response
                edgestatic.azureedge.net
                IN CNAME
                edgestatic.afd.azureedge.net
                edgestatic.afd.azureedge.net
                IN CNAME
                azureedge-t-prod.trafficmanager.net
                azureedge-t-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
              • flag-us
                DNS
                c.s-microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                c.s-microsoft.com
                IN A
                Response
                c.s-microsoft.com
                IN CNAME
                c-s.cms.ms.akadns.net
                c-s.cms.ms.akadns.net
                IN CNAME
                c.s-microsoft.com-c.edgekey.net
                c.s-microsoft.com-c.edgekey.net
                IN CNAME
                e13678.dscg.akamaiedge.net
                e13678.dscg.akamaiedge.net
                IN A
                23.53.113.225
              • flag-us
                DNS
                c.s-microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                c.s-microsoft.com
                IN Unknown
                Response
                c.s-microsoft.com
                IN CNAME
                c-s.cms.ms.akadns.net
                c-s.cms.ms.akadns.net
                IN CNAME
                c.s-microsoft.com-c.edgekey.net
                c.s-microsoft.com-c.edgekey.net
                IN CNAME
                e13678.dscg.akamaiedge.net
              • flag-us
                DNS
                cdd.net.ua
                Remote address:
                8.8.8.8:53
                Request
                cdd.net.ua
                IN A
                Response
                cdd.net.ua
                IN A
                89.184.88.6
              • flag-us
                DNS
                cdd.net.ua
                Remote address:
                8.8.8.8:53
                Request
                cdd.net.ua
                IN Unknown
                Response
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/store_logo.png
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/store_logo.png HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/pixel_trans.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/pixel_trans.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/stylesheet.css
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/stylesheet.css HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: text/css,*/*;q=0.1
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/back.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/back.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/header_account.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/header_account.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/header_cart.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/header_cart.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/header_checkout.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/header_checkout.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/infobox/corner_left.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/infobox/corner_left.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/infobox/corner_right_left.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-us
                DNS
                6.88.184.89.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                6.88.184.89.in-addr.arpa
                IN PTR
                Response
                6.88.184.89.in-addr.arpa
                IN PTR
                 svh16.mirohost.net
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/infobox/arrow_right.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/p.jpg
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/p.jpg HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:00 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/includes/languages/russian/images/buttons/button_quick_find.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:01 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/table_background_account.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/table_background_account.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:01 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/includes/languages/russian/images/buttons/button_continue.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:01 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/images/infobox/corner_right.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/images/infobox/corner_right.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:01 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/includes/languages/russian/images/icon.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:01 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-pl
                GET
                http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif
                Remote address:
                89.184.88.6:80
                Request
                GET /apothecary/includes/languages/english/images/icon.gif HTTP/1.1
                Host: cdd.net.ua
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 404 Not Found
                Server: nginx
                Date: Tue, 14 May 2024 02:31:01 GMT
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 196
                Connection: keep-alive
              • flag-us
                DNS
                138.32.126.40.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                138.32.126.40.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                95.221.229.192.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                95.221.229.192.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                240.197.17.2.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                240.197.17.2.in-addr.arpa
                IN PTR
                Response
                240.197.17.2.in-addr.arpa
                IN PTR
                a2-17-197-240.deploy.static.akamaitechnologies.com
              • flag-us
                DNS
                149.220.183.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                149.220.183.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                14.160.190.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                14.160.190.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                104.219.191.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                104.219.191.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                nw-umwatson.events.data.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nw-umwatson.events.data.microsoft.com
                IN A
                Response
                nw-umwatson.events.data.microsoft.com
                IN CNAME
                blobcollector.events.data.trafficmanager.net
                blobcollector.events.data.trafficmanager.net
                IN CNAME
                onedsblobprdeus17.eastus.cloudapp.azure.com
                onedsblobprdeus17.eastus.cloudapp.azure.com
                IN A
                20.42.65.92
              • flag-us
                POST
                https://nw-umwatson.events.data.microsoft.com/Telemetry.Request
                Remote address:
                20.42.65.92:443
                Request
                POST /Telemetry.Request HTTP/1.1
                Connection: Keep-Alive
                Content-Type: application/xml
                User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
                Content-Length: 3685
                Host: nw-umwatson.events.data.microsoft.com
                Response
                HTTP/1.1 200 200 OK
                Content-Length: 1035
                Content-Type: text/xml
                Server: Microsoft-HTTPAPI/2.0
                Strict-Transport-Security: max-age=31536000
                Date: Tue, 14 May 2024 02:31:18 GMT
              • flag-us
                DNS
                92.65.42.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                92.65.42.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                wcpstatic.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                wcpstatic.microsoft.com
                IN A
                Response
                wcpstatic.microsoft.com
                IN CNAME
                consentdeliveryfd.azurefd.net
                consentdeliveryfd.azurefd.net
                IN CNAME
                firstparty-azurefd-prod.trafficmanager.net
                firstparty-azurefd-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.246.64
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.213.64
              • flag-us
                DNS
                wcpstatic.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                wcpstatic.microsoft.com
                IN Unknown
                Response
                wcpstatic.microsoft.com
                IN CNAME
                consentdeliveryfd.azurefd.net
                consentdeliveryfd.azurefd.net
                IN CNAME
                firstparty-azurefd-prod.trafficmanager.net
                firstparty-azurefd-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
              • flag-us
                DNS
                86.23.85.13.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                86.23.85.13.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                171.39.242.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                171.39.242.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                154.239.44.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                154.239.44.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                172.210.232.199.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                172.210.232.199.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                97.61.62.23.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                97.61.62.23.in-addr.arpa
                IN PTR
                Response
                97.61.62.23.in-addr.arpa
                IN PTR
                a23-62-61-97.deploy.static.akamaitechnologies.com
              • flag-us
                DNS
                19.229.111.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                19.229.111.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                91.16.208.104.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                91.16.208.104.in-addr.arpa
                IN PTR
                Response
              • 51.140.244.186:443
                nav-edge.smartscreen.microsoft.com
                tls
                10.5kB
                12.8kB
                29
                31
              • 51.140.244.186:443
                nav-edge.smartscreen.microsoft.com
                98 B
                52 B
                2
                1
              • 2.21.17.194:443
                www.microsoft.com
                tls
                2.8kB
                22.8kB
                26
                36
              • 13.107.6.158:443
                business.bing.com
                tls
                1.9kB
                9.9kB
                17
                22
              • 2.18.121.23:443
                bzib.nelreports.net
                tls
                1.1kB
                4.9kB
                10
                12
              • 2.18.121.23:443
                bzib.nelreports.net
                tls
                2.5kB
                6.0kB
                13
                15
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                1.7kB
                7.9kB
                13
                14
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                98.3kB
                4.6MB
                2011
                3337
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                1.8kB
                7.8kB
                12
                13
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/store_logo.png
                http
                654 B
                536 B
                6
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/store_logo.png

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/pixel_trans.gif
                http
                655 B
                536 B
                6
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/pixel_trans.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/stylesheet.css
                http
                601 B
                536 B
                6
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/stylesheet.css

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/back.gif
                http
                602 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/back.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/header_account.gif
                http
                612 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/header_account.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/header_cart.gif
                http
                609 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/header_cart.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/header_checkout.gif
                http
                613 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/header_checkout.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/infobox/corner_left.gif
                http
                617 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/infobox/corner_left.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif
                http
                623 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif
                http
                617 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/p.jpg
                http
                599 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/p.jpg

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif
                http
                650 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/table_background_account.gif
                http
                622 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/table_background_account.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif
                http
                648 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/images/infobox/corner_right.gif
                http
                618 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/images/infobox/corner_right.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif
                http
                629 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif

                HTTP Response

                404
              • 89.184.88.6:80
                http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif
                http
                629 B
                536 B
                5
                4

                HTTP Request

                GET http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif

                HTTP Response

                404
              • 20.42.65.92:443
                https://nw-umwatson.events.data.microsoft.com/Telemetry.Request
                tls, http
                4.9kB
                8.0kB
                13
                11

                HTTP Request

                POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

                HTTP Response

                200
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                10.9kB
                272.4kB
                163
                213
              • 13.107.246.64:443
                wcpstatic.microsoft.com
                tls
                4.0kB
                91.0kB
                52
                78
              • 23.62.61.97:443
                www.bing.com
                tls
                1.0kB
                5.1kB
                9
                11
              • 23.62.61.97:443
                www.bing.com
                tls
                1.3kB
                958 B
                8
                8
              • 8.8.8.8:53
                159.113.53.23.in-addr.arpa
                dns
                72 B
                137 B
                1
                1

                DNS Request

                159.113.53.23.in-addr.arpa

              • 8.8.8.8:53
                nav-edge.smartscreen.microsoft.com
                dns
                80 B
                199 B
                1
                1

                DNS Request

                nav-edge.smartscreen.microsoft.com

                DNS Response

                51.140.244.186

              • 8.8.8.8:53
                nav-edge.smartscreen.microsoft.com
                dns
                80 B
                243 B
                1
                1

                DNS Request

                nav-edge.smartscreen.microsoft.com

              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                230 B
                1
                1

                DNS Request

                www.microsoft.com

                DNS Response

                2.21.17.194

              • 8.8.8.8:53
                business.bing.com
                dns
                63 B
                144 B
                1
                1

                DNS Request

                business.bing.com

                DNS Response

                13.107.6.158

              • 8.8.8.8:53
                business.bing.com
                dns
                63 B
                185 B
                1
                1

                DNS Request

                business.bing.com

              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                230 B
                1
                1

                DNS Request

                www.microsoft.com

                DNS Response

                2.21.17.194

              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                275 B
                1
                1

                DNS Request

                www.microsoft.com

              • 8.8.8.8:53
                bzib.nelreports.net
                dns
                65 B
                172 B
                1
                1

                DNS Request

                bzib.nelreports.net

                DNS Response

                2.18.121.23
                2.18.121.10

              • 8.8.8.8:53
                bzib.nelreports.net
                dns
                65 B
                204 B
                1
                1

                DNS Request

                bzib.nelreports.net

              • 224.0.0.251:5353
                204 B
                3
              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                230 B
                1
                1

                DNS Request

                www.microsoft.com

                DNS Response

                2.21.17.194

              • 8.8.8.8:53
                194.17.21.2.in-addr.arpa
                dns
                70 B
                133 B
                1
                1

                DNS Request

                194.17.21.2.in-addr.arpa

              • 8.8.8.8:53
                23.121.18.2.in-addr.arpa
                dns
                70 B
                133 B
                1
                1

                DNS Request

                23.121.18.2.in-addr.arpa

              • 8.8.8.8:53
                edgestatic.azureedge.net
                dns
                70 B
                245 B
                1
                1

                DNS Request

                edgestatic.azureedge.net

                DNS Response

                13.107.246.64
                13.107.213.64

              • 8.8.8.8:53
                edgestatic.azureedge.net
                dns
                70 B
                273 B
                1
                1

                DNS Request

                edgestatic.azureedge.net

              • 8.8.8.8:53
                c.s-microsoft.com
                dns
                63 B
                193 B
                1
                1

                DNS Request

                c.s-microsoft.com

                DNS Response

                23.53.113.225

              • 8.8.8.8:53
                c.s-microsoft.com
                dns
                63 B
                238 B
                1
                1

                DNS Request

                c.s-microsoft.com

              • 8.8.8.8:53
                cdd.net.ua
                dns
                56 B
                72 B
                1
                1

                DNS Request

                cdd.net.ua

                DNS Response

                89.184.88.6

              • 8.8.8.8:53
                cdd.net.ua
                dns
                56 B
                128 B
                1
                1

                DNS Request

                cdd.net.ua

              • 8.8.8.8:53
                6.88.184.89.in-addr.arpa
                dns
                70 B
                102 B
                1
                1

                DNS Request

                6.88.184.89.in-addr.arpa

              • 8.8.8.8:53
                138.32.126.40.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                138.32.126.40.in-addr.arpa

              • 8.8.8.8:53
                95.221.229.192.in-addr.arpa
                dns
                73 B
                144 B
                1
                1

                DNS Request

                95.221.229.192.in-addr.arpa

              • 8.8.8.8:53
                240.197.17.2.in-addr.arpa
                dns
                71 B
                135 B
                1
                1

                DNS Request

                240.197.17.2.in-addr.arpa

              • 8.8.8.8:53
                149.220.183.52.in-addr.arpa
                dns
                73 B
                147 B
                1
                1

                DNS Request

                149.220.183.52.in-addr.arpa

              • 8.8.8.8:53
                14.160.190.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                14.160.190.20.in-addr.arpa

              • 8.8.8.8:53
                104.219.191.52.in-addr.arpa
                dns
                73 B
                147 B
                1
                1

                DNS Request

                104.219.191.52.in-addr.arpa

              • 8.8.8.8:53
                nw-umwatson.events.data.microsoft.com
                dns
                83 B
                211 B
                1
                1

                DNS Request

                nw-umwatson.events.data.microsoft.com

                DNS Response

                20.42.65.92

              • 8.8.8.8:53
                92.65.42.20.in-addr.arpa
                dns
                70 B
                156 B
                1
                1

                DNS Request

                92.65.42.20.in-addr.arpa

              • 8.8.8.8:53
                wcpstatic.microsoft.com
                dns
                69 B
                265 B
                1
                1

                DNS Request

                wcpstatic.microsoft.com

                DNS Response

                13.107.246.64
                13.107.213.64

              • 8.8.8.8:53
                wcpstatic.microsoft.com
                dns
                69 B
                280 B
                1
                1

                DNS Request

                wcpstatic.microsoft.com

              • 8.8.8.8:53
                86.23.85.13.in-addr.arpa
                dns
                70 B
                144 B
                1
                1

                DNS Request

                86.23.85.13.in-addr.arpa

              • 8.8.8.8:53
                171.39.242.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                171.39.242.20.in-addr.arpa

              • 8.8.8.8:53
                154.239.44.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                154.239.44.20.in-addr.arpa

              • 8.8.8.8:53
                172.210.232.199.in-addr.arpa
                dns
                74 B
                128 B
                1
                1

                DNS Request

                172.210.232.199.in-addr.arpa

              • 8.8.8.8:53
                97.61.62.23.in-addr.arpa
                dns
                70 B
                133 B
                1
                1

                DNS Request

                97.61.62.23.in-addr.arpa

              • 8.8.8.8:53
                19.229.111.52.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                19.229.111.52.in-addr.arpa

              • 8.8.8.8:53
                91.16.208.104.in-addr.arpa
                dns
                72 B
                146 B
                1
                1

                DNS Request

                91.16.208.104.in-addr.arpa

              MITRE ATT&CK Matrix
