Analysis

  • max time kernel
    141s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22/05/2024, 23:22 UTC

General

  • Target

    68fbe81a7520d45eac22f25690f0c541_JaffaCakes118.html

  • Size

    139KB

  • MD5

    68fbe81a7520d45eac22f25690f0c541

  • SHA1

    b698ff7081c93605620ec5443f3f799dade52875

  • SHA256

    044c6ec0f26d04cf2d0900e557ed9bcfad67e875c55044d1c39be027e8feb75d

  • SHA512

    5bbd2bd43219b0ea5c9f1cbbcb027d4faa278690301707bf93e2a82887227b820927964b9c52fa617879b36439fcabd7c6c8960f7b6e0b0da6518a64ddbd1863

  • SSDEEP

    1536:S60C6zmTrNeXMuPx0rClrMFyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP06:Sqr4cyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\68fbe81a7520d45eac22f25690f0c541_JaffaCakes118.html
    1⤵
      PID:1600
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3780 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1
      1⤵
        PID:5092
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4024 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1
        1⤵
          PID:1196
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5084 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
          1⤵
            PID:2024
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5496 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:1
            1⤵
              PID:5044
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5768 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
              1⤵
                PID:1268

              Network

              • flag-us
                DNS
                nav-edge.smartscreen.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nav-edge.smartscreen.microsoft.com
                IN A
                Response
                nav-edge.smartscreen.microsoft.com
                IN CNAME
                tm-prod-wd-csp-edge.trafficmanager.net
                tm-prod-wd-csp-edge.trafficmanager.net
                IN CNAME
                prod-agic-uw-3.ukwest.cloudapp.azure.com
                prod-agic-uw-3.ukwest.cloudapp.azure.com
                IN A
                51.11.108.188
              • flag-us
                DNS
                nav-edge.smartscreen.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nav-edge.smartscreen.microsoft.com
                IN Unknown
                Response
                nav-edge.smartscreen.microsoft.com
                IN CNAME
                tm-prod-wd-csp-edge.trafficmanager.net
                tm-prod-wd-csp-edge.trafficmanager.net
                IN CNAME
                prod-agic-uw-2.ukwest.cloudapp.azure.com
              • flag-us
                DNS
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN A
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
                business-bing-com.b-0005.b-msedge.net
                IN CNAME
                b-0005.b-msedge.net
                b-0005.b-msedge.net
                IN A
                13.107.6.158
              • flag-us
                DNS
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN Unknown
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                23.55.97.181
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                23.55.97.181
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN Unknown
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
              • flag-us
                DNS
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN A
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
                a416.dscd.akamai.net
                IN A
                2.17.251.21
                a416.dscd.akamai.net
                IN A
                2.17.251.4
              • flag-us
                DNS
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN Unknown
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
              • flag-us
                DNS
                56.94.73.104.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                56.94.73.104.in-addr.arpa
                IN PTR
                Response
                56.94.73.104.in-addr.arpa
                IN PTR
                a104-73-94-56deploystaticakamaitechnologiescom
              • flag-us
                DNS
                188.108.11.51.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                188.108.11.51.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                23.55.97.181
              • flag-us
                DNS
                7tn2z.69khz.com
                Remote address:
                8.8.8.8:53
                Request
                7tn2z.69khz.com
                IN A
                Response
              • flag-us
                DNS
                7tn2z.69khz.com
                Remote address:
                8.8.8.8:53
                Request
                7tn2z.69khz.com
                IN Unknown
                Response
              • flag-us
                DNS
                7tn2z.69khz.com
                Remote address:
                8.8.8.8:53
                Request
                7tn2z.69khz.com
                IN A
                Response
              • flag-us
                DNS
                21.251.17.2.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                21.251.17.2.in-addr.arpa
                IN PTR
                Response
                21.251.17.2.in-addr.arpa
                IN PTR
                a2-17-251-21deploystaticakamaitechnologiescom
              • flag-us
                DNS
                181.97.55.23.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                181.97.55.23.in-addr.arpa
                IN PTR
                Response
                181.97.55.23.in-addr.arpa
                IN PTR
                a23-55-97-181deploystaticakamaitechnologiescom
              • flag-us
                DNS
                c.s-microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                c.s-microsoft.com
                IN A
                Response
                c.s-microsoft.com
                IN CNAME
                c-s.cms.ms.akadns.net
                c-s.cms.ms.akadns.net
                IN CNAME
                c.s-microsoft.com-c.edgekey.net
                c.s-microsoft.com-c.edgekey.net
                IN CNAME
                e13678.dscg.akamaiedge.net
                e13678.dscg.akamaiedge.net
                IN A
                104.73.93.171
              • flag-us
                DNS
                c.s-microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                c.s-microsoft.com
                IN Unknown
                Response
                c.s-microsoft.com
                IN CNAME
                c-s.cms.ms.akadns.net
                c-s.cms.ms.akadns.net
                IN CNAME
                c.s-microsoft.com-c.edgekey.net
                c.s-microsoft.com-c.edgekey.net
                IN CNAME
                e13678.dscg.akamaiedge.net
              • flag-us
                DNS
                edgestatic.azureedge.net
                Remote address:
                8.8.8.8:53
                Request
                edgestatic.azureedge.net
                IN A
                Response
                edgestatic.azureedge.net
                IN CNAME
                edgestatic.afd.azureedge.net
                edgestatic.afd.azureedge.net
                IN CNAME
                azureedge-t-prod.trafficmanager.net
                azureedge-t-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.246.64
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.213.64
              • flag-us
                DNS
                edgestatic.azureedge.net
                Remote address:
                8.8.8.8:53
                Request
                edgestatic.azureedge.net
                IN Unknown
                Response
                edgestatic.azureedge.net
                IN CNAME
                edgestatic.afd.azureedge.net
                edgestatic.afd.azureedge.net
                IN CNAME
                azureedge-t-prod.trafficmanager.net
                azureedge-t-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
              • flag-us
                DNS
                bdimg.share.baidu.com
                Remote address:
                8.8.8.8:53
                Request
                bdimg.share.baidu.com
                IN A
                Response
                bdimg.share.baidu.com
                IN CNAME
                share.jomodns.com
                share.jomodns.com
                IN CNAME
                share.n.shifen.com
                share.n.shifen.com
                IN A
                182.61.201.94
                share.n.shifen.com
                IN A
                182.61.244.229
                share.n.shifen.com
                IN A
                14.215.182.161
                share.n.shifen.com
                IN A
                39.156.68.163
                share.n.shifen.com
                IN A
                112.34.113.148
                share.n.shifen.com
                IN A
                163.177.17.97
                share.n.shifen.com
                IN A
                180.101.212.103
                share.n.shifen.com
                IN A
                182.61.201.93
              • flag-us
                DNS
                bdimg.share.baidu.com
                Remote address:
                8.8.8.8:53
                Request
                bdimg.share.baidu.com
                IN Unknown
                Response
                bdimg.share.baidu.com
                IN CNAME
                share.jomodns.com
                share.jomodns.com
                IN CNAME
                share.n.shifen.com
              • flag-us
                DNS
                74.32.126.40.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                74.32.126.40.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                13.86.106.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                13.86.106.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                172.210.232.199.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                172.210.232.199.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                104.219.191.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                104.219.191.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                nw-umwatson.events.data.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nw-umwatson.events.data.microsoft.com
                IN A
                Response
                nw-umwatson.events.data.microsoft.com
                IN CNAME
                blobcollector.events.data.trafficmanager.net
                blobcollector.events.data.trafficmanager.net
                IN CNAME
                onedsblobprdwus16.westus.cloudapp.azure.com
                onedsblobprdwus16.westus.cloudapp.azure.com
                IN A
                20.189.173.21
              • flag-us
                POST
                https://nw-umwatson.events.data.microsoft.com/Telemetry.Request
                Remote address:
                20.189.173.21:443
                Request
                POST /Telemetry.Request HTTP/1.1
                Connection: Keep-Alive
                Content-Type: application/xml
                User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
                Content-Length: 3685
                Host: nw-umwatson.events.data.microsoft.com
                Response
                HTTP/1.1 200 200 OK
                Content-Length: 634
                Content-Type: text/xml
                Server: Microsoft-HTTPAPI/2.0
                Strict-Transport-Security: max-age=31536000
                Date: Wed, 22 May 2024 23:22:51 GMT
              • flag-us
                DNS
                21.173.189.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                21.173.189.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                217.106.137.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                217.106.137.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                chromewebstore.googleapis.com
                Remote address:
                8.8.8.8:53
                Request
                chromewebstore.googleapis.com
                IN A
                Response
                chromewebstore.googleapis.com
                IN A
                172.217.169.42
                chromewebstore.googleapis.com
                IN A
                142.250.179.234
                chromewebstore.googleapis.com
                IN A
                142.250.180.10
                chromewebstore.googleapis.com
                IN A
                142.250.187.202
                chromewebstore.googleapis.com
                IN A
                142.250.187.234
                chromewebstore.googleapis.com
                IN A
                142.250.178.10
                chromewebstore.googleapis.com
                IN A
                172.217.16.234
                chromewebstore.googleapis.com
                IN A
                142.250.200.10
                chromewebstore.googleapis.com
                IN A
                142.250.200.42
                chromewebstore.googleapis.com
                IN A
                216.58.201.106
                chromewebstore.googleapis.com
                IN A
                216.58.204.74
                chromewebstore.googleapis.com
                IN A
                216.58.213.10
                chromewebstore.googleapis.com
                IN A
                172.217.169.10
                chromewebstore.googleapis.com
                IN A
                216.58.212.234
              • flag-us
                DNS
                chromewebstore.googleapis.com
                Remote address:
                8.8.8.8:53
                Request
                chromewebstore.googleapis.com
                IN Unknown
                Response
              • flag-us
                DNS
                42.169.217.172.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                42.169.217.172.in-addr.arpa
                IN PTR
                Response
                42.169.217.172.in-addr.arpa
                IN PTR
                lhr48s08-in-f101e100net
              • flag-us
                DNS
                wcpstatic.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                wcpstatic.microsoft.com
                IN A
                Response
                wcpstatic.microsoft.com
                IN CNAME
                consentdeliveryfd.azurefd.net
                consentdeliveryfd.azurefd.net
                IN CNAME
                firstparty-azurefd-prod.trafficmanager.net
                firstparty-azurefd-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.246.64
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.213.64
              • flag-us
                DNS
                wcpstatic.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                wcpstatic.microsoft.com
                IN Unknown
                Response
                wcpstatic.microsoft.com
                IN CNAME
                consentdeliveryfd.azurefd.net
                consentdeliveryfd.azurefd.net
                IN CNAME
                firstparty-azurefd-prod.trafficmanager.net
                firstparty-azurefd-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
              • flag-us
                DNS
                103.169.127.40.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                103.169.127.40.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                15.164.165.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                15.164.165.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                97.61.62.23.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                97.61.62.23.in-addr.arpa
                IN PTR
                Response
                97.61.62.23.in-addr.arpa
                IN PTR
                a23-62-61-97deploystaticakamaitechnologiescom
              • flag-us
                DNS
                31.73.42.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                31.73.42.20.in-addr.arpa
                IN PTR
                Response
              • 51.11.108.188:443
                nav-edge.smartscreen.microsoft.com
                tls
                10.5kB
                12.8kB
                30
                32
              • 13.107.6.158:443
                business.bing.com
                tls
                2.0kB
                9.7kB
                17
                21
              • 23.55.97.181:443
                www.microsoft.com
                tls
                2.8kB
                22.9kB
                26
                36
              • 2.17.251.21:443
                bzib.nelreports.net
                tls
                2.5kB
                6.0kB
                13
                15
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                91.9kB
                4.7MB
                1894
                3361
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                1.5kB
                7.5kB
                9
                10
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                1.6kB
                7.5kB
                10
                10
              • 182.61.201.94:80
                bdimg.share.baidu.com
                260 B
                5
              • 182.61.201.94:80
                bdimg.share.baidu.com
                260 B
                5
              • 20.189.173.21:443
                https://nw-umwatson.events.data.microsoft.com/Telemetry.Request
                tls, http
                5.9kB
                7.6kB
                13
                11

                HTTP Request

                POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

                HTTP Response

                200
              • 172.217.169.42:443
                chromewebstore.googleapis.com
                tls
                2.0kB
                8.0kB
                17
                18
              • 182.61.244.229:80
                bdimg.share.baidu.com
                260 B
                5
              • 182.61.244.229:80
                bdimg.share.baidu.com
                260 B
                5
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                8.3kB
                272.5kB
                128
                215
              • 13.107.246.64:443
                wcpstatic.microsoft.com
                tls
                4.6kB
                91.0kB
                59
                77
              • 14.215.182.161:80
                bdimg.share.baidu.com
                260 B
                5
              • 14.215.182.161:80
                bdimg.share.baidu.com
                260 B
                5
              • 23.62.61.97:443
                www.bing.com
                tls
                1.1kB
                5.2kB
                10
                12
              • 39.156.68.163:80
                bdimg.share.baidu.com
                260 B
                5
              • 39.156.68.163:80
                bdimg.share.baidu.com
                260 B
                5
              • 112.34.113.148:80
                bdimg.share.baidu.com
                260 B
                5
              • 112.34.113.148:80
                bdimg.share.baidu.com
                260 B
                5
              • 163.177.17.97:80
                bdimg.share.baidu.com
                260 B
                5
              • 23.62.61.97:443
                www.bing.com
                tls
                1.2kB
                906 B
                7
                7
              • 163.177.17.97:80
                bdimg.share.baidu.com
                260 B
                5
              • 180.101.212.103:80
                bdimg.share.baidu.com
                260 B
                5
              • 180.101.212.103:80
                bdimg.share.baidu.com
                260 B
                5
              • 8.8.8.8:53
                nav-edge.smartscreen.microsoft.com
                dns
                80 B
                199 B
                1
                1

                DNS Request

                nav-edge.smartscreen.microsoft.com

                DNS Response

                51.11.108.188

              • 8.8.8.8:53

              MITRE ATT&CK Matrix
