Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file http://fanlink.tv/ was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:06
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:06
Reported
2024-06-03 13:09
Platform
win10v2004-20240508-en
Max time kernel
136s
Max time network
148s
Command Line
Signatures
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://fanlink.tv/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3848,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4100,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=3576,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5424,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5436 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5440,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5516 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5940,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6128,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=5040,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5892,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=6152 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=5916,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=6424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5652,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=5464 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | fanlink.tv | udp |
| US | 8.8.8.8:53 | fanlink.tv | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 13.56.96.205:80 | fanlink.tv | tcp |
| US | 8.8.8.8:53 | fanlink.tv | udp |
| US | 13.56.96.205:80 | fanlink.tv | tcp |
| US | 8.8.8.8:53 | fanlink.tv | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | fanlink.tv | udp |
| US | 8.8.8.8:53 | fanlink.tv | udp |
| US | 13.52.31.143:443 | fanlink.tv | tcp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| BE | 2.21.17.194:443 | www.microsoft.com | tcp |
| GB | 104.91.71.133:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.96.56.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.181.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.31.52.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.17.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 13.56.96.205:443 | www.toneden.io | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | st.toneden.io | udp |
| US | 8.8.8.8:53 | st.toneden.io | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 104.21.27.152:443 | use.fontawesome.com | udp |
| GB | 18.165.160.118:443 | st.toneden.io | tcp |
| GB | 18.165.160.118:443 | st.toneden.io | tcp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| US | 104.21.27.152:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| GB | 199.232.56.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | 152.27.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.evbstatic.com | udp |
| US | 8.8.8.8:53 | cdn.evbstatic.com | udp |
| GB | 13.224.81.88:443 | cdn.evbstatic.com | tcp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 157.56.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | analytics.tiktok.com | udp |
| US | 8.8.8.8:53 | analytics.tiktok.com | udp |
| US | 8.8.8.8:53 | cdn.lr-in.com | udp |
| US | 8.8.8.8:53 | cdn.lr-in.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| NL | 23.62.61.56:443 | analytics.tiktok.com | tcp |
| US | 104.21.234.144:443 | cdn.lr-in.com | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.234.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.0.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 104.21.234.144:443 | cdn.lr-in.com | tcp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 104.21.234.144:443 | cdn.lr-in.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 96.17.178.207:443 | snap.licdn.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | api.stripe.com | udp |
| US | 8.8.8.8:53 | api.stripe.com | udp |
| IE | 34.241.202.139:443 | api.stripe.com | tcp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 8.8.8.8:53 | widget.intercom.io | udp |
| US | 8.8.8.8:53 | widget.intercom.io | udp |
| GB | 3.162.20.122:443 | widget.intercom.io | tcp |
| NL | 23.62.61.75:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | js.intercomcdn.com | udp |
| US | 8.8.8.8:53 | js.intercomcdn.com | udp |
| GB | 18.165.160.35:443 | js.intercomcdn.com | tcp |
| GB | 18.165.160.35:443 | js.intercomcdn.com | tcp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.202.241.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.61.62.23.in-addr.arpa | udp |
| US | 13.56.96.205:443 | www.toneden.io | tcp |
| US | 13.56.96.205:443 | www.toneden.io | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 44.235.107.126:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | r.stripe.com | udp |
| US | 8.8.8.8:53 | r.stripe.com | udp |
| US | 54.187.119.242:443 | r.stripe.com | tcp |
| US | 8.8.8.8:53 | 35.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.107.235.44.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 242.119.187.54.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 52.25.24.113:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 10.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.24.25.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 8.8.8.8:53 | www.toneden.io | udp |
| US | 13.52.31.143:443 | www.toneden.io | tcp |
| US | 13.52.31.143:443 | www.toneden.io | tcp |