Analysis

  • max time kernel
    141s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/06/2024, 05:12 UTC

General

  • Target

    031919d6c99a9cffd61d43d26ae28eba_JaffaCakes118.exe

  • Size

    2.2MB

  • MD5

    031919d6c99a9cffd61d43d26ae28eba

  • SHA1

    cad74f70759ef0089cac9b16224efeb7f843fb79

  • SHA256

    b5529f4fe0667bc9a09a04d16ca49fc170ae464f6e6cb78603f638046d5ae707

  • SHA512

    50e5b99dd216e0c325c6ecfd69faf1c386a0887a19b2acfc1c8ee6967b3ce8a9aa2a2b6f48772d7c8055e1cdf4535046969790ce684d92e46c7067f27366410f

  • SSDEEP

    49152:MecrLa6dkeFx+OpoUwlFUV89GHlBmuLfixvBlKhEm:MrrpDFx+bUwlFUeimub8vB8K

Score
3/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\031919d6c99a9cffd61d43d26ae28eba_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\031919d6c99a9cffd61d43d26ae28eba_JaffaCakes118.exe"
    1⤵
      PID:1556

    Network

    • flag-us
      DNS
      133.211.185.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      133.211.185.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.dual-a-0034.a-msedge.net
      g-bing-com.dual-a-0034.a-msedge.net
      IN CNAME
      dual-a-0034.a-msedge.net
      dual-a-0034.a-msedge.net
      IN A
      13.107.21.237
      dual-a-0034.a-msedge.net
      IN A
      204.79.197.237
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82G_jYVeK5QDjgdyayD-Q8jVUCUxbSfEoRZ0gJLwUHCUO3TNm7CEG31oMRh3zqCI588fxqdD3H2-VgX6iDSbYFDP5r-iFMIpqXJeW7ACYdaQqt2vefHHStZAGN8xcA8auTS6ie36GuHMbUtNPyviggK9SUJF7P7GUkz6hfFw6dHmLLyBk%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZmJ1eSUyZmNvbXBhcmUtYWxsLW1pY3Jvc29mdC0zNjUtcHJvZHVjdHMlM2ZvY2lkJTNkY21tYmV1bWVkNTU%26rlid%3D45f6294491f5112fd4ff4f2c5d911028&TIME=20240611T221531Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525&muid=12D800F85EB4CAF16CA7FE64B9B0CF8B
      Remote address:
      13.107.21.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82G_jYVeK5QDjgdyayD-Q8jVUCUxbSfEoRZ0gJLwUHCUO3TNm7CEG31oMRh3zqCI588fxqdD3H2-VgX6iDSbYFDP5r-iFMIpqXJeW7ACYdaQqt2vefHHStZAGN8xcA8auTS6ie36GuHMbUtNPyviggK9SUJF7P7GUkz6hfFw6dHmLLyBk%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZmJ1eSUyZmNvbXBhcmUtYWxsLW1pY3Jvc29mdC0zNjUtcHJvZHVjdHMlM2ZvY2lkJTNkY21tYmV1bWVkNTU%26rlid%3D45f6294491f5112fd4ff4f2c5d911028&TIME=20240611T221531Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525&muid=12D800F85EB4CAF16CA7FE64B9B0CF8B HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=183F6928D5A666AA047F7D8CD481671A; domain=.bing.com; expires=Tue, 15-Jul-2025 05:12:54 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 34850143569C4C1DB84061F3B53DD115 Ref B: LON04EDGE0708 Ref C: 2024-06-20T05:12:54Z
      date: Thu, 20 Jun 2024 05:12:54 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82G_jYVeK5QDjgdyayD-Q8jVUCUxbSfEoRZ0gJLwUHCUO3TNm7CEG31oMRh3zqCI588fxqdD3H2-VgX6iDSbYFDP5r-iFMIpqXJeW7ACYdaQqt2vefHHStZAGN8xcA8auTS6ie36GuHMbUtNPyviggK9SUJF7P7GUkz6hfFw6dHmLLyBk%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZmJ1eSUyZmNvbXBhcmUtYWxsLW1pY3Jvc29mdC0zNjUtcHJvZHVjdHMlM2ZvY2lkJTNkY21tYmV1bWVkNTU%26rlid%3D45f6294491f5112fd4ff4f2c5d911028&TIME=20240611T221531Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525&muid=12D800F85EB4CAF16CA7FE64B9B0CF8B
      Remote address:
      13.107.21.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82G_jYVeK5QDjgdyayD-Q8jVUCUxbSfEoRZ0gJLwUHCUO3TNm7CEG31oMRh3zqCI588fxqdD3H2-VgX6iDSbYFDP5r-iFMIpqXJeW7ACYdaQqt2vefHHStZAGN8xcA8auTS6ie36GuHMbUtNPyviggK9SUJF7P7GUkz6hfFw6dHmLLyBk%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZmJ1eSUyZmNvbXBhcmUtYWxsLW1pY3Jvc29mdC0zNjUtcHJvZHVjdHMlM2ZvY2lkJTNkY21tYmV1bWVkNTU%26rlid%3D45f6294491f5112fd4ff4f2c5d911028&TIME=20240611T221531Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525&muid=12D800F85EB4CAF16CA7FE64B9B0CF8B HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=183F6928D5A666AA047F7D8CD481671A; _EDGE_S=SID=3B9F6209CF8765B41C9676ADCE2D64FC
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=_EFS-V6bDcD87BtBZabNQFD-GXJXKiPWu7Oe03uQK_c; domain=.bing.com; expires=Tue, 15-Jul-2025 05:12:55 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: E2345DC4124849EE87BDBE4FFBAAE23E Ref B: LON04EDGE0708 Ref C: 2024-06-20T05:12:55Z
      date: Thu, 20 Jun 2024 05:12:55 GMT
    • flag-nl
      GET
      https://www.bing.com/aes/c.gif?RG=25e032be5bd44f4d9c577c1b7a5645cd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221531Z&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525
      Remote address:
      23.62.61.194:443
      Request
      GET /aes/c.gif?RG=25e032be5bd44f4d9c577c1b7a5645cd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221531Z&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525 HTTP/2.0
      host: www.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=183F6928D5A666AA047F7D8CD481671A
      Response
      HTTP/2.0 200
      cache-control: private,no-store
      pragma: no-cache
      vary: Origin
      p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: F58E15CDB5B740BB9BB9374340E3407B Ref B: DUS30EDGE0922 Ref C: 2024-06-20T05:12:55Z
      content-length: 0
      date: Thu, 20 Jun 2024 05:12:55 GMT
      set-cookie: _EDGE_S=SID=3B9F6209CF8765B41C9676ADCE2D64FC; path=/; httponly; domain=bing.com
      set-cookie: MUIDB=183F6928D5A666AA047F7D8CD481671A; path=/; httponly; expires=Tue, 15-Jul-2025 05:12:55 GMT
      alt-svc: h3=":443"; ma=93600
      x-cdn-traceid: 0.be3d3e17.1718860375.c3819ad
    • flag-us
      DNS
      237.21.107.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      237.21.107.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.210.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.210.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      71.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      71.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      55.36.223.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      55.36.223.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      194.61.62.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      194.61.62.23.in-addr.arpa
      IN PTR
      Response
      194.61.62.23.in-addr.arpa
      IN PTR
      a23-62-61-194.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      196.249.167.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      196.249.167.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      183.59.114.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      183.59.114.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      198.187.3.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      198.187.3.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.214.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.214.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      43.58.199.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.58.199.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      13.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      13.227.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239378035945_10T6FVURQVW5LVR96&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239378035945_10T6FVURQVW5LVR96&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 592155
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 5C1D0B46B6B14D759A0B92FC3A6A72F8 Ref B: LON04EDGE0919 Ref C: 2024-06-20T05:14:30Z
      date: Thu, 20 Jun 2024 05:14:29 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239378035944_1EHBGA1BYD4HZXZYE&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239378035944_1EHBGA1BYD4HZXZYE&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 532141
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 92E222717E3B47D38AE01FD99964875E Ref B: LON04EDGE0919 Ref C: 2024-06-20T05:14:30Z
      date: Thu, 20 Jun 2024 05:14:29 GMT
    • flag-us
      DNS
      10.28.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.28.171.150.in-addr.arpa
      IN PTR
      Response
    • 13.107.21.237:443
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82G_jYVeK5QDjgdyayD-Q8jVUCUxbSfEoRZ0gJLwUHCUO3TNm7CEG31oMRh3zqCI588fxqdD3H2-VgX6iDSbYFDP5r-iFMIpqXJeW7ACYdaQqt2vefHHStZAGN8xcA8auTS6ie36GuHMbUtNPyviggK9SUJF7P7GUkz6hfFw6dHmLLyBk%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZmJ1eSUyZmNvbXBhcmUtYWxsLW1pY3Jvc29mdC0zNjUtcHJvZHVjdHMlM2ZvY2lkJTNkY21tYmV1bWVkNTU%26rlid%3D45f6294491f5112fd4ff4f2c5d911028&TIME=20240611T221531Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525&muid=12D800F85EB4CAF16CA7FE64B9B0CF8B
      tls, http2
      2.5kB
      9.0kB
      19
      16

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82G_jYVeK5QDjgdyayD-Q8jVUCUxbSfEoRZ0gJLwUHCUO3TNm7CEG31oMRh3zqCI588fxqdD3H2-VgX6iDSbYFDP5r-iFMIpqXJeW7ACYdaQqt2vefHHStZAGN8xcA8auTS6ie36GuHMbUtNPyviggK9SUJF7P7GUkz6hfFw6dHmLLyBk%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZmJ1eSUyZmNvbXBhcmUtYWxsLW1pY3Jvc29mdC0zNjUtcHJvZHVjdHMlM2ZvY2lkJTNkY21tYmV1bWVkNTU%26rlid%3D45f6294491f5112fd4ff4f2c5d911028&TIME=20240611T221531Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525&muid=12D800F85EB4CAF16CA7FE64B9B0CF8B

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82G_jYVeK5QDjgdyayD-Q8jVUCUxbSfEoRZ0gJLwUHCUO3TNm7CEG31oMRh3zqCI588fxqdD3H2-VgX6iDSbYFDP5r-iFMIpqXJeW7ACYdaQqt2vefHHStZAGN8xcA8auTS6ie36GuHMbUtNPyviggK9SUJF7P7GUkz6hfFw6dHmLLyBk%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZmJ1eSUyZmNvbXBhcmUtYWxsLW1pY3Jvc29mdC0zNjUtcHJvZHVjdHMlM2ZvY2lkJTNkY21tYmV1bWVkNTU%26rlid%3D45f6294491f5112fd4ff4f2c5d911028&TIME=20240611T221531Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525&muid=12D800F85EB4CAF16CA7FE64B9B0CF8B

      HTTP Response

      204
    • 23.62.61.194:443
      https://www.bing.com/aes/c.gif?RG=25e032be5bd44f4d9c577c1b7a5645cd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221531Z&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525
      tls, http2
      1.5kB
      5.5kB
      17
      14

      HTTP Request

      GET https://www.bing.com/aes/c.gif?RG=25e032be5bd44f4d9c577c1b7a5645cd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221531Z&adUnitId=11730597&localId=w:12D800F8-5EB4-CAF1-6CA7-FE64B9B0CF8B&deviceId=6825835407611525

      HTTP Response

      200
    • 52.111.227.14:443
      322 B
      7
    • 150.171.28.10:443
      https://tse1.mm.bing.net/th?id=OADD2.10239378035944_1EHBGA1BYD4HZXZYE&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      tls, http2
      42.9kB
      1.2MB
      869
      866

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239378035945_10T6FVURQVW5LVR96&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239378035944_1EHBGA1BYD4HZXZYE&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Response

      200

      HTTP Response

      200
    • 150.171.28.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
      6.9kB
      15
      13
    MITRE ATT&CK Enterprise v15

    Downloads
