73ba68c11765043c1eabe74688eb17f77a243616671034a380b01592370221c9

Analysis

max time kernel
128s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
15/06/2024, 13:06 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ae8e66feefb7afe9bcfe6b616a1afd0a_JaffaCakes118.html
Size

27KB
MD5

ae8e66feefb7afe9bcfe6b616a1afd0a
SHA1

c5a18260b38271f826e737c30a9605182c61ad54
SHA256

73ba68c11765043c1eabe74688eb17f77a243616671034a380b01592370221c9
SHA512

29b632701cbad7ef11e73b28f31971ae5689ebc582d3f8c87fcfdf6389fd8e76e0d7c0e05232c17850a5b4bd1c4274f1c75727db52a53a1ba3d3ad4098a09003
SSDEEP

192:uwnUb5naPWnQjxn5Q/JnQiesNncnQOkEntrrnQTbnxnQ9e2Am6lRciQl7MBMqnYQ:PQ/sL4nc1S2hI

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ae8e66feefb7afe9bcfe6b616a1afd0a_JaffaCakes118.html
1⤵
PID:1532

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4388,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=4252 /prefetch:1
1⤵
PID:1796

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3960,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=5032 /prefetch:1
1⤵
PID:996

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5332,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:1
1⤵
PID:3116

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5500,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=5516 /prefetch:8
1⤵
PID:3296

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5528,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=5600 /prefetch:8
1⤵
PID:4120

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5928,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=6072 /prefetch:1
1⤵
PID:4204

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6372,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=5600 /prefetch:8
1⤵
PID:2636

Network

DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown
DNS

cdd.net.ua

Remote address:

8.8.8.8:53

Request

cdd.net.ua

IN A

Response

cdd.net.ua

IN A

89.184.88.6
DNS

cdd.net.ua

Remote address:

8.8.8.8:53

Request

cdd.net.ua

IN Unknown

Response
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.34.233.128
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.34.233.128
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

76.234.34.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.234.34.23.in-addr.arpa

IN PTR

Response

76.234.34.23.in-addr.arpa

IN PTR

a23-34-234-76deploystaticakamaitechnologiescom
DNS

fe3cr.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

fe3cr.delivery.mp.microsoft.com

IN A

Response

fe3cr.delivery.mp.microsoft.com

IN CNAME

fe3.delivery.mp.microsoft.com

fe3.delivery.mp.microsoft.com

IN CNAME

glb.cws.prod.dcat.dsp.trafficmanager.net

glb.cws.prod.dcat.dsp.trafficmanager.net

IN A

20.242.39.171
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

IN A

94.245.104.56
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.dual-a-0034.a-msedge.net

g-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

13.107.21.237

dual-a-0034.a-msedge.net

IN A

204.79.197.237
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
GET

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

Remote address:

13.107.21.237:443

Request

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=29D69C46F1EB600618EE88D9F05061FA; domain=.bing.com; expires=Thu, 10-Jul-2025 13:06:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 423506D5BDC4413D87A6704EC449E7E7 Ref B: LON04EDGE0806 Ref C: 2024-06-15T13:06:28Z
date: Sat, 15 Jun 2024 13:06:27 GMT
GET

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

Remote address:

13.107.21.237:443

Request

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=29D69C46F1EB600618EE88D9F05061FA; _EDGE_S=SID=3A34A8F4D23A625B0E40BC6BD3906381

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=Gu6mhBKVhp44zRybfboJFBvNjg7q8ABEnGsI7UThi-k; domain=.bing.com; expires=Thu, 10-Jul-2025 13:06:28 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9AF3C0B651149F9AB2D0A680AB6A6C4 Ref B: LON04EDGE0806 Ref C: 2024-06-15T13:06:28Z
date: Sat, 15 Jun 2024 13:06:28 GMT
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

184.31.15.35

a416.dscd.akamai.net

IN A

184.31.15.40
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
GET

https://www.bing.com/aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640

Remote address:

88.221.83.210:443

Request

GET /aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640 HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=29D69C46F1EB600618EE88D9F05061FA

Response

HTTP/2.0 200

cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7ABB0814E3F24844B31BBAEB0521667F Ref B: DUS30EDGE0807 Ref C: 2024-06-15T13:06:28Z
content-length: 0
date: Sat, 15 Jun 2024 13:06:28 GMT
set-cookie: _EDGE_S=SID=3A34A8F4D23A625B0E40BC6BD3906381; path=/; httponly; domain=bing.com
set-cookie: MUIDB=29D69C46F1EB600618EE88D9F05061FA; path=/; httponly; expires=Thu, 10-Jul-2025 13:06:28 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.ce53dd58.1718456788.1dfa7bf
DNS

128.233.34.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

128.233.34.23.in-addr.arpa

IN PTR

Response

128.233.34.23.in-addr.arpa

IN PTR

a23-34-233-128deploystaticakamaitechnologiescom
DNS

22.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.160.190.20.in-addr.arpa

IN PTR

Response
DNS

56.104.245.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.104.245.94.in-addr.arpa

IN PTR

Response
DNS

56.104.245.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.104.245.94.in-addr.arpa

IN PTR
DNS

237.21.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.21.107.13.in-addr.arpa

IN PTR

Response
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-2.ukwest.cloudapp.azure.com

prod-agic-uw-2.ukwest.cloudapp.azure.com

IN A

51.140.244.186
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.34.233.128
DNS

210.83.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.83.221.88.in-addr.arpa

IN PTR

Response

210.83.221.88.in-addr.arpa

IN PTR

a88-221-83-210deploystaticakamaitechnologiescom
DNS

35.15.31.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.15.31.184.in-addr.arpa

IN PTR

Response

35.15.31.184.in-addr.arpa

IN PTR

a184-31-15-35deploystaticakamaitechnologiescom
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

186.244.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.244.140.51.in-addr.arpa

IN PTR

Response
DNS

186.244.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.244.140.51.in-addr.arpa

IN PTR
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

23.34.233.128
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

225.83.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.83.221.88.in-addr.arpa

IN PTR

Response

225.83.221.88.in-addr.arpa

IN PTR

a88-221-83-225deploystaticakamaitechnologiescom
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

57.15.31.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.15.31.184.in-addr.arpa

IN PTR

Response

57.15.31.184.in-addr.arpa

IN PTR

a184-31-15-57deploystaticakamaitechnologiescom
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response

89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
23.34.233.128:443

www.microsoft.com

tls

4.1kB
23.1kB
29
37
94.245.104.56:443

api.edgeoffer.microsoft.com

tls

3.6kB
7.5kB
14
15
13.107.21.237:443

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

tls, http2

2.5kB
9.3kB
20
18

HTTP Request

GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

HTTP Response

204
13.107.6.158:443

business.bing.com

tls

3.8kB
10.2kB
19
25
184.31.15.35:443

bzib.nelreports.net

tls

2.6kB
6.3kB
14
13
88.221.83.210:443

https://www.bing.com/aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640

tls, http2

1.4kB
5.3kB
16
11

HTTP Request

GET https://www.bing.com/aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640

HTTP Response

200
184.31.15.35:443

bzib.nelreports.net

tls

3.8kB
6.1kB
14
17
51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

13.7kB
14.1kB
34
38
13.107.246.64:443

edgestatic.azureedge.net

tls

3.0kB
7.6kB
14
11
13.107.246.64:443

edgestatic.azureedge.net

tls

106.9kB
4.8MB
2126
3423
13.107.246.64:443

edgestatic.azureedge.net

tls

2.8kB
7.6kB
10
11
13.107.246.64:443

edgestatic.azureedge.net

tls

9.3kB
272.3kB
125
211
13.107.246.64:443

wcpstatic.microsoft.com

tls

5.4kB
91.0kB
53
78
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
89.184.88.6:80

cdd.net.ua

260 B
5
88.221.83.225:443

www.bing.com

tls

2.3kB
5.2kB
10
12

8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
1

DNS Request

business.bing.com
8.8.8.8:53

business.bing.com

dns

63 B
1

DNS Request

business.bing.com
8.8.8.8:53

cdd.net.ua

dns

56 B
72 B
1
1

DNS Request

cdd.net.ua

DNS Response

89.184.88.6
8.8.8.8:53

cdd.net.ua

dns

56 B
128 B
1
1

DNS Request

cdd.net.ua
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.34.233.128
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.34.233.128
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

76.234.34.23.in-addr.arpa

dns

148 B
300 B
2
2

DNS Request

76.234.34.23.in-addr.arpa

DNS Request

fe3cr.delivery.mp.microsoft.com

DNS Response

20.242.39.171
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
226 B
1
1

DNS Request

api.edgeoffer.microsoft.com

DNS Response

94.245.104.56
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
271 B
1
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

g.bing.com

dns

56 B
151 B
1
1

DNS Request

g.bing.com

DNS Response

13.107.21.237

204.79.197.237
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

184.31.15.35

184.31.15.40
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

128.233.34.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

128.233.34.23.in-addr.arpa
8.8.8.8:53

22.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

22.160.190.20.in-addr.arpa
8.8.8.8:53

56.104.245.94.in-addr.arpa

dns

144 B
146 B
2
1

DNS Request

56.104.245.94.in-addr.arpa

DNS Request

56.104.245.94.in-addr.arpa
8.8.8.8:53

237.21.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

237.21.107.13.in-addr.arpa
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
199 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

51.140.244.186
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
244 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.34.233.128
8.8.8.8:53

210.83.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

210.83.221.88.in-addr.arpa
8.8.8.8:53

35.15.31.184.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

35.15.31.184.in-addr.arpa
8.8.8.8:53

88.156.103.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

88.156.103.20.in-addr.arpa
8.8.8.8:53

186.244.140.51.in-addr.arpa

dns

146 B
147 B
2
1

DNS Request

186.244.140.51.in-addr.arpa

DNS Request

186.244.140.51.in-addr.arpa
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
231 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
261 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

23.34.233.128
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
251 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
282 B
1
1

DNS Request

wcpstatic.microsoft.com
88.221.83.225:443

www.bing.com

https

5.6kB
5.5kB
10
10
8.8.8.8:53

225.83.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

225.83.221.88.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

57.15.31.184.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

57.15.31.184.in-addr.arpa
8.8.8.8:53

14.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

14.227.111.52.in-addr.arpa
224.0.0.251:5353

204 B
3

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.