Resubmissions

03-07-2024 22:59

240703-2yn7wszhlp 10

03-07-2024 16:13

240703-tn93lsyglf 10

03-07-2024 16:11

240703-tm84xsyfma 10

10-05-2024 16:25

240510-tw1h5shh47 10

24-08-2023 11:16

230824-nda8msdf8z 10

Analysis

  • max time kernel
    1679s
  • max time network
    1180s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03-07-2024 16:13

General

  • Target

    3DMark 11 Advanced Edition.exe

  • Size

    11.6MB

  • MD5

    236d7524027dbce337c671906c9fe10b

  • SHA1

    7d345aa201b50273176ae0ec7324739d882da32e

  • SHA256

    400b64f8c61623ead9f579b99735b1b0d9febe7c829e8bdafc9b3a3269bbe21c

  • SHA512

    e5c2f87923b3331719261101b2f606298fb66442e56a49708199d8472c1ac4a72130612d3a9c344310f36fcb3cf39e4637f7dd8fb3841c61b01b95bb3794610a

  • SSDEEP

    196608:8YG+5pO1Ppb1rAMQQkIscfAb3mO5iW8uO2Kq1TIxz2HU6QPXJ0M2m9b/hE4:8/Bv1zsG2fm2bTcWBIXJHVrW4

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\3DMark 11 Advanced Edition.exe
    "C:\Users\Admin\AppData\Local\Temp\3DMark 11 Advanced Edition.exe"
    1⤵
      PID:4804

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dns.google
    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.dual-a-0034.a-msedge.net
      g-bing-com.dual-a-0034.a-msedge.net
      IN CNAME
      dual-a-0034.a-msedge.net
      dual-a-0034.a-msedge.net
      IN A
      13.107.21.237
      dual-a-0034.a-msedge.net
      IN A
      204.79.197.237
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6
      Remote address:
      13.107.21.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6 HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=18C57E8E867A617E30E86A3F87C160E1; domain=.bing.com; expires=Mon, 28-Jul-2025 19:28:13 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: CDB5B0A442CD478082F4508AD602DD54 Ref B: LON04EDGE0806 Ref C: 2024-07-03T19:28:13Z
      date: Wed, 03 Jul 2024 19:28:13 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6
      Remote address:
      13.107.21.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6 HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=18C57E8E867A617E30E86A3F87C160E1; _EDGE_S=SID=0788144E910C6301037E00FF90A6625C
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=0ZhyWDQ9SiEeV73RNjnYM2DhXGxyVy7WM_NlkWueCl8; domain=.bing.com; expires=Mon, 28-Jul-2025 19:28:15 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 51A3308CEA3044A7BB4C88046076D977 Ref B: LON04EDGE0806 Ref C: 2024-07-03T19:28:15Z
      date: Wed, 03 Jul 2024 19:28:14 GMT
    • flag-us
      DNS
      58.55.71.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      58.55.71.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      58.55.71.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      58.55.71.13.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      73.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      73.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.159.190.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      73.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.159.190.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      82.90.14.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      82.90.14.23.in-addr.arpa
      IN PTR
      Response
      82.90.14.23.in-addr.arpa
      IN PTR
      a23-14-90-82.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      82.90.14.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      82.90.14.23.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      82.90.14.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      82.90.14.23.in-addr.arpa
      IN PTR
    • flag-nl
      GET
      https://www.bing.com/aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321
      Remote address:
      23.62.61.129:443
      Request
      GET /aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321 HTTP/2.0
      host: www.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=18C57E8E867A617E30E86A3F87C160E1
      Response
      HTTP/2.0 200
      cache-control: private,no-store
      pragma: no-cache
      vary: Origin
      p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: EB3D87066ECE40E4B515637FCC5899A2 Ref B: DUS30EDGE0717 Ref C: 2024-07-03T19:28:14Z
      content-length: 0
      date: Wed, 03 Jul 2024 19:28:14 GMT
      set-cookie: _EDGE_S=SID=0788144E910C6301037E00FF90A6625C; path=/; httponly; domain=bing.com
      set-cookie: MUIDB=18C57E8E867A617E30E86A3F87C160E1; path=/; httponly; expires=Mon, 28-Jul-2025 19:28:14 GMT
      alt-svc: h3=":443"; ma=93600
      x-cdn-traceid: 0.7d3d3e17.1720034894.e60c59f
    • flag-us
      DNS
      55.36.223.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      55.36.223.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      129.61.62.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      129.61.62.23.in-addr.arpa
      IN PTR
      Response
      129.61.62.23.in-addr.arpa
      IN PTR
      a23-62-61-129.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      232.168.11.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      232.168.11.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      232.168.11.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      232.168.11.51.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      50.23.12.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.23.12.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      50.23.12.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.23.12.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      18.31.95.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.31.95.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      18.31.95.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.31.95.13.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      18.31.95.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.31.95.13.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      92.12.20.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      92.12.20.2.in-addr.arpa
      IN PTR
      Response
      92.12.20.2.in-addr.arpa
      IN PTR
      a2-20-12-92.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      172.210.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.210.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      11.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      11.227.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239378035944_1EHBGA1BYD4HZXZYE&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239378035944_1EHBGA1BYD4HZXZYE&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 592155
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: F07FE9A058904912AA6EFE0595314DDA Ref B: LON04EDGE0811 Ref C: 2024-07-03T19:29:57Z
      date: Wed, 03 Jul 2024 19:29:57 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239378035945_10T6FVURQVW5LVR96&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239378035945_10T6FVURQVW5LVR96&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 532141
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 7E4E472EAC7A4CD8A16A154536C3886D Ref B: LON04EDGE0811 Ref C: 2024-07-03T19:29:57Z
      date: Wed, 03 Jul 2024 19:29:57 GMT
    • flag-us
      DNS
      10.28.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.28.171.150.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      10.28.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.28.171.150.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      10.28.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.28.171.150.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      10.28.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.28.171.150.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      16.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      16.173.189.20.in-addr.arpa
      IN PTR
      Response
    • 13.107.21.237:443
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6
      tls, http2
      3.0kB
      9.5kB
      22
      17

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6

      HTTP Response

      204
    • 23.62.61.129:443
      https://www.bing.com/aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321
      tls, http2
      1.5kB
      5.3kB
      16
      11

      HTTP Request

      GET https://www.bing.com/aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321

      HTTP Response

      200
    • 150.171.28.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
      6.9kB
      15
      13
    • 150.171.28.10:443
      https://tse1.mm.bing.net/th?id=OADD2.10239378035945_10T6FVURQVW5LVR96&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      tls, http2
      43.6kB
      1.2MB
      891
      889

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239378035944_1EHBGA1BYD4HZXZYE&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239378035945_10T6FVURQVW5LVR96&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Response

      200

      HTTP Response

      200
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
      90 B
      1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
      151 B
      1
      1

      DNS Request

      g.bing.com

      DNS Response

      13.107.21.237
      204.79.197.237

    • 8.8.8.8:53
      58.55.71.13.in-addr.arpa
      dns
      140 B
      144 B
      2
      1

      DNS Request

      58.55.71.13.in-addr.arpa

      DNS Request

      58.55.71.13.in-addr.arpa

    • 8.8.8.8:53
      73.159.190.20.in-addr.arpa
      dns
      216 B
      158 B
      3
      1

      DNS Request

      73.159.190.20.in-addr.arpa

      DNS Request

      73.159.190.20.in-addr.arpa

      DNS Request

      73.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      82.90.14.23.in-addr.arpa
      dns
      210 B
      133 B
      3
      1

      DNS Request

      82.90.14.23.in-addr.arpa

      DNS Request

      82.90.14.23.in-addr.arpa

      DNS Request

      82.90.14.23.in-addr.arpa

    • 8.8.8.8:53
      55.36.223.20.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      55.36.223.20.in-addr.arpa

    • 8.8.8.8:53
      129.61.62.23.in-addr.arpa
      dns
      71 B
      135 B
      1
      1

      DNS Request

      129.61.62.23.in-addr.arpa

    • 8.8.8.8:53
      232.168.11.51.in-addr.arpa
      dns
      144 B
      158 B
      2
      1

      DNS Request

      232.168.11.51.in-addr.arpa

      DNS Request

      232.168.11.51.in-addr.arpa

    • 8.8.8.8:53
      50.23.12.20.in-addr.arpa
      dns
      140 B
      156 B
      2
      1

      DNS Request

      50.23.12.20.in-addr.arpa

      DNS Request

      50.23.12.20.in-addr.arpa

    • 8.8.8.8:53
      18.31.95.13.in-addr.arpa
      dns
      210 B
      144 B
      3
      1

      DNS Request

      18.31.95.13.in-addr.arpa

      DNS Request

      18.31.95.13.in-addr.arpa

      DNS Request

      18.31.95.13.in-addr.arpa

    • 8.8.8.8:53
      92.12.20.2.in-addr.arpa
      dns
      69 B
      131 B
      1
      1

      DNS Request

      92.12.20.2.in-addr.arpa

    • 8.8.8.8:53
      172.210.232.199.in-addr.arpa
      dns
      74 B
      128 B
      1
      1

      DNS Request

      172.210.232.199.in-addr.arpa

    • 8.8.8.8:53
      11.227.111.52.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      11.227.111.52.in-addr.arpa

    • 8.8.8.8:53
      tse1.mm.bing.net
      dns
      62 B
      170 B
      1
      1

      DNS Request

      tse1.mm.bing.net

      DNS Response

      150.171.28.10
      150.171.27.10

    • 8.8.8.8:53
      10.28.171.150.in-addr.arpa
      dns
      288 B
      158 B
      4
      1

      DNS Request

      10.28.171.150.in-addr.arpa

      DNS Request

      10.28.171.150.in-addr.arpa

      DNS Request

      10.28.171.150.in-addr.arpa

      DNS Request

      10.28.171.150.in-addr.arpa

    • 8.8.8.8:53
      16.173.189.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      16.173.189.20.in-addr.arpa

    MITRE ATT&CK Matrix
