Analysis

  • max time kernel
    139s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/06/2024, 10:23 UTC

General

  • Target

    051dd1a32e29effb3cc353ba5038392d_JaffaCakes118.exe

  • Size

    206KB

  • MD5

    051dd1a32e29effb3cc353ba5038392d

  • SHA1

    03c7a3afdeb1e28c96bd99af014c63172a4ef8ff

  • SHA256

    0284aaec7c5f08064d55fbcc5f501a9716fb6a032037ce7510ee9224f74bd001

  • SHA512

    1c6cb25f1315daeea4987f04bde47d8946581fc32a6c4e4192f50bd44653d6c269bee504a7e98d2167914b6ce5e06374034e58c8c817a4697e2731938a68abee

  • SSDEEP

    3072:7YfMaRiK5W9DMalamMBjuHWiMEmQVnDhq6N4nkgswK3jpR:7Y0aRiYWumMWeEmqDDN4nkgsV3jD

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\051dd1a32e29effb3cc353ba5038392d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\051dd1a32e29effb3cc353ba5038392d_JaffaCakes118.exe"
    1⤵
      PID:4700
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4380,i,18320353784098040629,17273168055569331828,262144 --variations-seed-version --mojo-platform-channel-handle=3840 /prefetch:8
      1⤵
        PID:4132

      Network

      • flag-us
        DNS
        8.8.8.8.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        8.8.8.8.in-addr.arpa
        IN PTR
        Response
        8.8.8.8.in-addr.arpa
        IN PTR
        dns.google
      • flag-us
        DNS
        g.bing.com
        Remote address:
        8.8.8.8:53
        Request
        g.bing.com
        IN A
        Response
        g.bing.com
        IN CNAME
        g-bing-com.dual-a-0034.a-msedge.net
        g-bing-com.dual-a-0034.a-msedge.net
        IN CNAME
        dual-a-0034.a-msedge.net
        dual-a-0034.a-msedge.net
        IN A
        204.79.197.237
        dual-a-0034.a-msedge.net
        IN A
        13.107.21.237
      • flag-us
        GET
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E
        Remote address:
        204.79.197.237:443
        Request
        GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MUID=106A201CA46C678D101834B8A5D7662C; domain=.bing.com; expires=Tue, 15-Jul-2025 10:23:33 GMT; path=/; SameSite=None; Secure; Priority=High;
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 46F5DBF588CE42D98E8EB14A4284EAC8 Ref B: LON04EDGE0908 Ref C: 2024-06-20T10:23:33Z
        date: Thu, 20 Jun 2024 10:23:32 GMT
      • flag-us
        GET
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E
        Remote address:
        204.79.197.237:443
        Request
        GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=106A201CA46C678D101834B8A5D7662C; _EDGE_S=SID=3507E575723469853011F1D1734D68FD
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MSPTC=ZnxA5aDCpq8djZ5fpEfsRK5KTamgF-3eXvQmaOqedkE; domain=.bing.com; expires=Tue, 15-Jul-2025 10:23:33 GMT; path=/; Partitioned; secure; SameSite=None
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: F568A1B500904619AF51F30F95D47A50 Ref B: LON04EDGE0908 Ref C: 2024-06-20T10:23:33Z
        date: Thu, 20 Jun 2024 10:23:33 GMT
      • flag-us
        DNS
        98.90.14.23.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        98.90.14.23.in-addr.arpa
        IN PTR
        Response
        98.90.14.23.in-addr.arpa
        IN PTR
        a23-14-90-98.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        97.17.167.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        97.17.167.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        68.32.126.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        68.32.126.40.in-addr.arpa
        IN PTR
        Response
      • flag-nl
        GET
        https://www.bing.com/aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640
        Remote address:
        23.62.61.56:443
        Request
        GET /aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640 HTTP/2.0
        host: www.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=106A201CA46C678D101834B8A5D7662C
        Response
        HTTP/2.0 200
        cache-control: private,no-store
        pragma: no-cache
        vary: Origin
        p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 216590191109478194A1666860CA1C9D Ref B: LON212050719051 Ref C: 2024-06-20T10:23:33Z
        content-length: 0
        date: Thu, 20 Jun 2024 10:23:33 GMT
        set-cookie: _EDGE_S=SID=3507E575723469853011F1D1734D68FD; path=/; httponly; domain=bing.com
        set-cookie: MUIDB=106A201CA46C678D101834B8A5D7662C; path=/; httponly; expires=Tue, 15-Jul-2025 10:23:33 GMT
        alt-svc: h3=":443"; ma=93600
        x-cdn-traceid: 0.343d3e17.1718879013.7e3be19
      • flag-us
        DNS
        237.197.79.204.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        237.197.79.204.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        56.61.62.23.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        56.61.62.23.in-addr.arpa
        IN PTR
        Response
        56.61.62.23.in-addr.arpa
        IN PTR
        a23-62-61-56.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        26.35.223.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        26.35.223.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        196.249.167.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        196.249.167.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        103.169.127.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        103.169.127.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        107.12.20.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        107.12.20.2.in-addr.arpa
        IN PTR
        Response
        107.12.20.2.in-addr.arpa
        IN PTR
        a2-20-12-107.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        56.126.166.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        56.126.166.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        14.227.111.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        14.227.111.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        172.210.232.199.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        172.210.232.199.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        tse1.mm.bing.net
        Remote address:
        8.8.8.8:53
        Request
        tse1.mm.bing.net
        IN A
        Response
        tse1.mm.bing.net
        IN CNAME
        mm-mm.bing.net.trafficmanager.net
        mm-mm.bing.net.trafficmanager.net
        IN CNAME
        ax-0001.ax-msedge.net
        ax-0001.ax-msedge.net
        IN A
        150.171.28.10
        ax-0001.ax-msedge.net
        IN A
        150.171.27.10
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239370639702_1LY06F7YB2ZF9D3G5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
        Remote address:
        150.171.28.10:443
        Request
        GET /th?id=OADD2.10239370639702_1LY06F7YB2ZF9D3G5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 634564
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: CD44CF9A6EDB49DE87A4E8FA92921C8F Ref B: LON04EDGE1220 Ref C: 2024-06-20T10:25:11Z
        date: Thu, 20 Jun 2024 10:25:11 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239370639330_1D80T5H13WVAODNQ8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
        Remote address:
        150.171.28.10:443
        Request
        GET /th?id=OADD2.10239370639330_1D80T5H13WVAODNQ8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 682798
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: F2C1C0E52C544474AF1F2383250F998F Ref B: LON04EDGE1220 Ref C: 2024-06-20T10:25:11Z
        date: Thu, 20 Jun 2024 10:25:11 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239370639703_1XZVEAKL3PD7EZGL4&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
        Remote address:
        150.171.28.10:443
        Request
        GET /th?id=OADD2.10239370639703_1XZVEAKL3PD7EZGL4&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 835660
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: BAA042AFCE284443A2701A59CA2B56DF Ref B: LON04EDGE1220 Ref C: 2024-06-20T10:25:11Z
        date: Thu, 20 Jun 2024 10:25:11 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239370639329_16GDTY03HO5SY2UBG&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
        Remote address:
        150.171.28.10:443
        Request
        GET /th?id=OADD2.10239370639329_16GDTY03HO5SY2UBG&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 637660
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: C5B948778C754791AF4501F784B22B92 Ref B: LON04EDGE1220 Ref C: 2024-06-20T10:25:11Z
        date: Thu, 20 Jun 2024 10:25:11 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
        Remote address:
        150.171.28.10:443
        Request
        GET /th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 770657
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 14BF48A7BFED4AF18B0995DD307E10E4 Ref B: LON04EDGE1220 Ref C: 2024-06-20T10:25:11Z
        date: Thu, 20 Jun 2024 10:25:11 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
        Remote address:
        150.171.28.10:443
        Request
        GET /th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 664406
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: E269DBA8613D47148E9E88C2EA97C4AB Ref B: LON04EDGE1220 Ref C: 2024-06-20T10:25:12Z
        date: Thu, 20 Jun 2024 10:25:12 GMT
      • flag-us
        DNS
        10.28.171.150.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        10.28.171.150.in-addr.arpa
        IN PTR
        Response
      • 204.79.197.237:443
        https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E
        tls, http2
        2.5kB
        9.1kB
        20
        17

        HTTP Request

        GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

        HTTP Response

        204

        HTTP Request

        GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8tJIC5GSlHnQS6XZUxw1tYjVUCUxyHy9i8ei9QndT1fXrRQiLqLaihoJL_OS0w_ZdbPVipSpJjZ30zjQlw0wNzNPWP5jdH8z60pPZis-pm16rT51e4SjHItvsjUjzACstDMaBbU8p23Lb1OBBccAYA9Y63rF8qyyd2CdzKPOAJaVUuqTY%26u%3DbXMtd2luZG93cy1zdG9yZSUzYSUyZiUyZnBkcCUyZiUzZnByb2R1Y3RpZCUzZENGUTdUVEMwSzVETSUyNm9jaWQlM2RjbW01OHN0NzB4cA%26rlid%3Db9676cc529f318ac2a6a0aadfef0aa87&TIME=20240611T230049Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

        HTTP Response

        204
      • 23.62.61.56:443
        https://www.bing.com/aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640
        tls, http2
        1.5kB
        5.5kB
        17
        15

        HTTP Request

        GET https://www.bing.com/aes/c.gif?RG=1b1b93c41c5c42b8b719bc896121d692&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T230049Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640

        HTTP Response

        200
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls, http2
        1.2kB
        6.9kB
        15
        13
      • 150.171.28.10:443
        https://tse1.mm.bing.net/th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
        tls, http2
        157.9kB
        4.4MB
        3193
        3186

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239370639702_1LY06F7YB2ZF9D3G5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239370639330_1D80T5H13WVAODNQ8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239370639703_1XZVEAKL3PD7EZGL4&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239370639329_16GDTY03HO5SY2UBG&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

        HTTP Response

        200
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls, http2
        1.2kB
        6.9kB
        15
        13
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls, http2
        1.2kB
        6.9kB
        15
        13
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls, http2
        1.2kB
        6.9kB
        15
        13
      • 8.8.8.8:53
        8.8.8.8.in-addr.arpa
        dns
        66 B
        90 B
        1
        1

        DNS Request

        8.8.8.8.in-addr.arpa

      • 8.8.8.8:53
        g.bing.com
        dns
        56 B
        151 B
        1
        1

        DNS Request

        g.bing.com

        DNS Response

        204.79.197.237
        13.107.21.237

      • 8.8.8.8:53
        97.17.167.52.in-addr.arpa
        dns
        71 B
        145 B
        1
        1

        DNS Request

        97.17.167.52.in-addr.arpa

      • 8.8.8.8:53
        98.90.14.23.in-addr.arpa
        dns
        70 B
        133 B
        1
        1

        DNS Request

        98.90.14.23.in-addr.arpa

      • 8.8.8.8:53
        68.32.126.40.in-addr.arpa
        dns
        71 B
        157 B
        1
        1

        DNS Request

        68.32.126.40.in-addr.arpa

      • 8.8.8.8:53
        237.197.79.204.in-addr.arpa
        dns
        73 B
        143 B
        1
        1

        DNS Request

        237.197.79.204.in-addr.arpa

      • 8.8.8.8:53
        26.35.223.20.in-addr.arpa
        dns
        71 B
        157 B
        1
        1

        DNS Request

        26.35.223.20.in-addr.arpa

      • 8.8.8.8:53
        56.61.62.23.in-addr.arpa
        dns
        70 B
        133 B
        1
        1

        DNS Request

        56.61.62.23.in-addr.arpa

      • 8.8.8.8:53
        196.249.167.52.in-addr.arpa
        dns
        73 B
        147 B
        1
        1

        DNS Request

        196.249.167.52.in-addr.arpa

      • 8.8.8.8:53
        103.169.127.40.in-addr.arpa
        dns
        73 B
        147 B
        1
        1

        DNS Request

        103.169.127.40.in-addr.arpa

      • 8.8.8.8:53
        56.126.166.20.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        56.126.166.20.in-addr.arpa

      • 8.8.8.8:53
        107.12.20.2.in-addr.arpa
        dns
        70 B
        133 B
        1
        1

        DNS Request

        107.12.20.2.in-addr.arpa

      • 8.8.8.8:53
        14.227.111.52.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        14.227.111.52.in-addr.arpa

      • 8.8.8.8:53
        172.210.232.199.in-addr.arpa
        dns
        74 B
        128 B
        1
        1

        DNS Request

        172.210.232.199.in-addr.arpa

      • 8.8.8.8:53
        tse1.mm.bing.net
        dns
        62 B
        170 B
        1
        1

        DNS Request

        tse1.mm.bing.net

        DNS Response

        150.171.28.10
        150.171.27.10

      • 8.8.8.8:53
        10.28.171.150.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        10.28.171.150.in-addr.arpa

      MITRE ATT&CK Matrix

      Downloads

      • memory/4700-0-0x0000000000400000-0x000000000040C000-memory.dmp

        Filesize

        48KB
