8e5bb8b29e88597812844a60340794166b3087552c5e8611e7cb1edc6c404096

Analysis

max time kernel
128s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
07/07/2024, 01:37 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

29a650d730f10991ea1ecdbe2e1563c2_JaffaCakes118.html
Size

308B
MD5

29a650d730f10991ea1ecdbe2e1563c2
SHA1

2f1f107efbcf2b9c3fef10718c96bae746eff837
SHA256

8e5bb8b29e88597812844a60340794166b3087552c5e8611e7cb1edc6c404096
SHA512

701b2ece282143bbccf1774bd99a55a3ef5fad4fb5d1368338881f4b9ef099ef596057d3bdc79f2a4158026fbcf8b52e8547c3147e4a839e211d085d275acfc9

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\29a650d730f10991ea1ecdbe2e1563c2_JaffaCakes118.html
1⤵
PID:3628

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4356,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=4576 /prefetch:1
1⤵
PID:3240

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3892,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=5164 /prefetch:1
1⤵
PID:2612

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5140,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=5404 /prefetch:1
1⤵
PID:2236

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5288,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:8
1⤵
PID:1756

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5448,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=5756 /prefetch:8
1⤵
PID:992

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=6092,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=5984 /prefetch:1
1⤵
PID:3184

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5916,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=5800 /prefetch:8
1⤵
PID:412

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5520,i,7545522914305657361,9950105517201397946,262144 --variations-seed-version --mojo-platform-channel-handle=5784 /prefetch:8
1⤵
PID:2772

Network

DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

IN A

94.245.104.56
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

184.25.193.234
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

184.25.193.234
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

mzimmer.at

Remote address:

8.8.8.8:53

Request

mzimmer.at

IN A

Response
DNS

mzimmer.at

Remote address:

8.8.8.8:53

Request

mzimmer.at

IN Unknown

Response
DNS

togialinogovaki.gr

Remote address:

8.8.8.8:53

Request

togialinogovaki.gr

IN A

Response

togialinogovaki.gr

IN A

78.47.210.44
DNS

togialinogovaki.gr

Remote address:

8.8.8.8:53

Request

togialinogovaki.gr

IN Unknown

Response
DNS

utrip.in

Remote address:

8.8.8.8:53

Request

utrip.in

IN A

Response

utrip.in

IN A

3.33.130.190

utrip.in

IN A

15.197.148.33
DNS

utrip.in

Remote address:

8.8.8.8:53

Request

utrip.in

IN Unknown

Response
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

92.123.142.200

a416.dscd.akamai.net

IN A

92.123.140.42
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
GET

http://utrip.in/dNqLqNmf/js.js

Remote address:

3.33.130.190:80

Request

GET /dNqLqNmf/js.js HTTP/1.1
Host: utrip.in
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: openresty
Date: Sun, 07 Jul 2024 04:14:58 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://togialinogovaki.gr/xPnTntDK/js.js

Remote address:

78.47.210.44:80

Request

GET /xPnTntDK/js.js HTTP/1.1
Host: togialinogovaki.gr
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://togialinogovaki.gr/xPnTntDK/js.js
content-length: 0
date: Sun, 07 Jul 2024 04:14:57 GMT
server: LiteSpeed
DNS

mzimmer.at

Remote address:

8.8.8.8:53

Request

mzimmer.at

IN Unknown

Response
DNS

mzimmer.at

Remote address:

8.8.8.8:53

Request

mzimmer.at

IN A

Response
DNS

mzimmer.at

Remote address:

8.8.8.8:53

Request

mzimmer.at

IN A

Response
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

167.57.26.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

167.57.26.184.in-addr.arpa

IN PTR

Response

167.57.26.184.in-addr.arpa

IN PTR

a184-26-57-167deploystaticakamaitechnologiescom
DNS

234.193.25.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.193.25.184.in-addr.arpa

IN PTR

Response

234.193.25.184.in-addr.arpa

IN PTR

a184-25-193-234deploystaticakamaitechnologiescom
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com
DNS

togialinogovaki.gr

Remote address:

8.8.8.8:53

Request

togialinogovaki.gr

IN A

Response

togialinogovaki.gr

IN A

78.47.210.44
DNS

togialinogovaki.gr

Remote address:

8.8.8.8:53

Request

togialinogovaki.gr

IN Unknown

Response
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

184.25.193.234
DNS

www.togialinogovaki.gr

Remote address:

8.8.8.8:53

Request

www.togialinogovaki.gr

IN A

Response

www.togialinogovaki.gr

IN CNAME

togialinogovaki.gr

togialinogovaki.gr

IN A

78.47.210.44
DNS

www.togialinogovaki.gr

Remote address:

8.8.8.8:53

Request

www.togialinogovaki.gr

IN Unknown

Response

www.togialinogovaki.gr

IN CNAME

togialinogovaki.gr
DNS

190.130.33.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

190.130.33.3.in-addr.arpa

IN PTR

Response

190.130.33.3.in-addr.arpa

IN PTR

a2aa9ff50de748dbeawsglobalacceleratorcom
DNS

200.142.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.142.123.92.in-addr.arpa

IN PTR

Response

200.142.123.92.in-addr.arpa

IN PTR

a92-123-142-200deploystaticakamaitechnologiescom
DNS

2.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.159.190.20.in-addr.arpa

IN PTR

Response
DNS

44.210.47.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

44.210.47.78.in-addr.arpa

IN PTR

Response

44.210.47.78.in-addr.arpa

IN PTR

cp2icopnetgr
DNS

81.144.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.144.22.2.in-addr.arpa

IN PTR

Response

81.144.22.2.in-addr.arpa

IN PTR

a2-22-144-81deploystaticakamaitechnologiescom
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

184.26.57.234
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

114.142.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

114.142.123.92.in-addr.arpa

IN PTR

Response

114.142.123.92.in-addr.arpa

IN PTR

a92-123-142-114deploystaticakamaitechnologiescom
DNS

157.123.68.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.123.68.40.in-addr.arpa

IN PTR

Response
DNS

206.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.85.13.in-addr.arpa

IN PTR

Response
DNS

0.205.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.205.248.87.in-addr.arpa

IN PTR

Response

0.205.248.87.in-addr.arpa

IN PTR

https-87-248-205-0lgwllnwnet
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

73.144.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.144.22.2.in-addr.arpa

IN PTR

Response

73.144.22.2.in-addr.arpa

IN PTR

a2-22-144-73deploystaticakamaitechnologiescom
DNS

137.142.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.142.123.92.in-addr.arpa

IN PTR

Response

137.142.123.92.in-addr.arpa

IN PTR

a92-123-142-137deploystaticakamaitechnologiescom

94.245.104.56:443

api.edgeoffer.microsoft.com

tls

3.6kB
7.7kB
14
15
13.107.6.158:443

business.bing.com

tls

3.9kB
10.2kB
20
26
184.25.193.234:443

www.microsoft.com

tls

4.1kB
22.7kB
27
36
3.33.130.190:80

http://utrip.in/dNqLqNmf/js.js

http

527 B
431 B
5
4

HTTP Request

GET http://utrip.in/dNqLqNmf/js.js

HTTP Response

200
92.123.142.200:443

bzib.nelreports.net

tls

3.7kB
6.0kB
13
15
78.47.210.44:80

http://togialinogovaki.gr/xPnTntDK/js.js

http

583 B
615 B
6
5

HTTP Request

GET http://togialinogovaki.gr/xPnTntDK/js.js

HTTP Response

301
172.165.69.228:443

nav-edge.smartscreen.microsoft.com

tls

2.4kB
7.5kB
12
12
172.165.69.228:443

nav-edge.smartscreen.microsoft.com

tls

11.7kB
12.8kB
32
31
78.47.210.44:443

togialinogovaki.gr

tls

3.3kB
16.9kB
21
26
13.107.246.64:443

edgestatic.azureedge.net

tls

80.6kB
3.4MB
1569
2481
13.107.246.64:443

edgestatic.azureedge.net

tls

3.0kB
7.8kB
13
13
13.107.246.64:443

edgestatic.azureedge.net

tls

3.1kB
7.9kB
13
14
13.107.246.64:443

edgestatic.azureedge.net

tls

9.3kB
273.8kB
127
212
13.107.246.64:443

wcpstatic.microsoft.com

tls

5.3kB
91.1kB
53
79
92.123.142.137:443

www.bing.com

tls

2.3kB
5.1kB
10
13

8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
226 B
1
1

DNS Request

api.edgeoffer.microsoft.com

DNS Response

94.245.104.56
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
271 B
1
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

184.25.193.234
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

184.25.193.234
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

mzimmer.at

dns

56 B
56 B
1
1

DNS Request

mzimmer.at
8.8.8.8:53

mzimmer.at

dns

56 B
56 B
1
1

DNS Request

mzimmer.at
8.8.8.8:53

togialinogovaki.gr

dns

64 B
80 B
1
1

DNS Request

togialinogovaki.gr

DNS Response

78.47.210.44
8.8.8.8:53

togialinogovaki.gr

dns

64 B
118 B
1
1

DNS Request

togialinogovaki.gr
8.8.8.8:53

utrip.in

dns

54 B
86 B
1
1

DNS Request

utrip.in

DNS Response

3.33.130.190

15.197.148.33
8.8.8.8:53

utrip.in

dns

54 B
125 B
1
1

DNS Request

utrip.in
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

92.123.142.200

92.123.140.42
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

mzimmer.at

dns

56 B
56 B
1
1

DNS Request

mzimmer.at
8.8.8.8:53

mzimmer.at

dns

56 B
56 B
1
1

DNS Request

mzimmer.at
8.8.8.8:53

mzimmer.at

dns

56 B
56 B
1
1

DNS Request

mzimmer.at
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

167.57.26.184.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

167.57.26.184.in-addr.arpa
8.8.8.8:53

234.193.25.184.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

234.193.25.184.in-addr.arpa
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
200 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

172.165.69.228
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
244 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

togialinogovaki.gr

dns

64 B
80 B
1
1

DNS Request

togialinogovaki.gr

DNS Response

78.47.210.44
8.8.8.8:53

togialinogovaki.gr

dns

64 B
118 B
1
1

DNS Request

togialinogovaki.gr
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

184.25.193.234
8.8.8.8:53

www.togialinogovaki.gr

dns

68 B
98 B
1
1

DNS Request

www.togialinogovaki.gr

DNS Response

78.47.210.44
8.8.8.8:53

www.togialinogovaki.gr

dns

68 B
136 B
1
1

DNS Request

www.togialinogovaki.gr
8.8.8.8:53

190.130.33.3.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

190.130.33.3.in-addr.arpa
8.8.8.8:53

200.142.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

200.142.123.92.in-addr.arpa
8.8.8.8:53

2.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.159.190.20.in-addr.arpa
8.8.8.8:53

44.210.47.78.in-addr.arpa

dns

71 B
100 B
1
1

DNS Request

44.210.47.78.in-addr.arpa
8.8.8.8:53

81.144.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

81.144.22.2.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
231 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
275 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

184.26.57.234
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
251 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
282 B
1
1

DNS Request

wcpstatic.microsoft.com
224.0.0.251:5353

204 B
3
92.123.142.114:443

www.bing.com

https

3.2kB
6.5kB
8
11
8.8.8.8:53

114.142.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

114.142.123.92.in-addr.arpa
8.8.8.8:53

157.123.68.40.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

157.123.68.40.in-addr.arpa
8.8.8.8:53

206.23.85.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

206.23.85.13.in-addr.arpa
8.8.8.8:53

0.205.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

0.205.248.87.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

73.144.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

73.144.22.2.in-addr.arpa
8.8.8.8:53

137.142.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

137.142.123.92.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.