Overview
overview
10Static
static
10Release.zip
windows7-x64
1Release.zip
windows10-2004-x64
1Release/DcRat.exe
windows7-x64
10Release/DcRat.exe
windows10-2004-x64
10Release/DcRat.exe.xml
windows7-x64
3Release/DcRat.exe.xml
windows10-2004-x64
1Release/Pl...io.dll
windows7-x64
1Release/Pl...io.dll
windows10-2004-x64
1Release/Pl...at.dll
windows7-x64
1Release/Pl...at.dll
windows10-2004-x64
1Release/Pl...ra.dll
windows7-x64
1Release/Pl...ra.dll
windows10-2004-x64
1Release/Pl...er.dll
windows7-x64
1Release/Pl...er.dll
windows10-2004-x64
1Release/Pl...er.dll
windows7-x64
1Release/Pl...er.dll
windows10-2004-x64
1Release/Pl...un.dll
windows7-x64
1Release/Pl...un.dll
windows10-2004-x64
1Release/Pl...on.dll
windows7-x64
1Release/Pl...on.dll
windows10-2004-x64
1Release/Pl...er.exe
windows7-x64
1Release/Pl...er.exe
windows10-2004-x64
1Release/Pl...er.dll
windows7-x64
1Release/Pl...er.dll
windows10-2004-x64
1Release/Pl...us.dll
windows7-x64
1Release/Pl...us.dll
windows10-2004-x64
1Release/Pl...at.dll
windows7-x64
1Release/Pl...at.dll
windows10-2004-x64
1Release/Pl...ns.dll
windows7-x64
1Release/Pl...ns.dll
windows10-2004-x64
1Release/Pl...er.dll
windows7-x64
1Release/Pl...er.dll
windows10-2004-x64
1Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
13-08-2024 21:53
Behavioral task
behavioral1
Sample
Release.zip
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Release.zip
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
Release/DcRat.exe
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
Release/DcRat.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Release/DcRat.exe.xml
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
Release/DcRat.exe.xml
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Release/Plugins/Audio.dll
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
Release/Plugins/Audio.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
Release/Plugins/Chat.dll
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
Release/Plugins/Chat.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
Release/Plugins/Extra.dll
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
Release/Plugins/Extra.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
Release/Plugins/FileManager.dll
Resource
win7-20240705-en
Behavioral task
behavioral14
Sample
Release/Plugins/FileManager.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
Release/Plugins/FileSearcher.dll
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
Release/Plugins/FileSearcher.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
Release/Plugins/Fun.dll
Resource
win7-20240729-en
Behavioral task
behavioral18
Sample
Release/Plugins/Fun.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
Release/Plugins/Information.dll
Resource
win7-20240704-en
Behavioral task
behavioral20
Sample
Release/Plugins/Information.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
Release/Plugins/Keylogger.exe
Resource
win7-20240705-en
Behavioral task
behavioral22
Sample
Release/Plugins/Keylogger.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
Release/Plugins/Logger.dll
Resource
win7-20240708-en
Behavioral task
behavioral24
Sample
Release/Plugins/Logger.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
Release/Plugins/Miscellaneous.dll
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
Release/Plugins/Miscellaneous.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
Release/Plugins/Netstat.dll
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
Release/Plugins/Netstat.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
Release/Plugins/Options.dll
Resource
win7-20240708-en
Behavioral task
behavioral30
Sample
Release/Plugins/Options.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
Release/Plugins/ProcessManager.dll
Resource
win7-20240729-en
Behavioral task
behavioral32
Sample
Release/Plugins/ProcessManager.dll
Resource
win10v2004-20240802-en
General
-
Target
Release/DcRat.exe
-
Size
12.3MB
-
MD5
7fce411ea2b74f227489659113960b18
-
SHA1
543d95b74193a188fe273ce7b065aa177405beb5
-
SHA256
c73b1ffa39c5843b2ed951ac48350d1deb33db4057341f1dab1ee64ea1a62248
-
SHA512
42de7bc4a0b47e1053ff3ff52a3f887e56759f81cfa691996a533d769e80f98b3e8dcf869785fce801d9cc7a2bc3d675e2eb832b520846b053d6b07093be2678
-
SSDEEP
196608:XtfZFB2gaNIsNNNNKmvN8rNNNNNNNNNNHbL7aIXM1B7Z0/3G6tULs8wR:XlT81Bd+3G6
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 27 IoCs
pid Process 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe 2416 DcRat.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2416 DcRat.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2416 DcRat.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2416 DcRat.exe -
Suspicious use of SendNotifyMessage 1 IoCs
pid Process 2416 DcRat.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\Release\DcRat.exe"C:\Users\Admin\AppData\Local\Temp\Release\DcRat.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2416
-
C:\Windows\system32\wbem\WmiApSrv.exeC:\Windows\system32\wbem\WmiApSrv.exe1⤵PID:1432
Network
-
Remote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTRResponse8.8.8.8.in-addr.arpaIN PTRdnsgoogle
-
Remote address:8.8.8.8:53Request149.220.183.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request149.220.183.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request240.221.184.93.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request240.221.184.93.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request74.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request26.35.223.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request241.150.49.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request217.106.137.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request196.249.167.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request196.249.167.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request183.59.114.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request56.126.166.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request147.142.123.92.in-addr.arpaIN PTRResponse147.142.123.92.in-addr.arpaIN PTRa92-123-142-147deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEax-0001.ax-msedge.netax-0001.ax-msedge.netIN A150.171.28.10ax-0001.ax-msedge.netIN A150.171.27.10
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239339388044_1386ER2SMV9FN565Q&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:150.171.28.10:443RequestGET /th?id=OADD2.10239339388044_1386ER2SMV9FN565Q&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 574268
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17F7BE4A844A43D79991A961B850A10D Ref B: LON04EDGE1208 Ref C: 2024-08-13T21:54:25Z
date: Tue, 13 Aug 2024 21:54:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340418588_1PJ4HLSB51V9JOSDD&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:150.171.28.10:443RequestGET /th?id=OADD2.10239340418588_1PJ4HLSB51V9JOSDD&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 780589
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 278E3F6F8CE140E28C0BF7A555A2B9BB Ref B: LON04EDGE1208 Ref C: 2024-08-13T21:54:25Z
date: Tue, 13 Aug 2024 21:54:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239339388045_10YSQ8K0BZLEAZQJ2&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:150.171.28.10:443RequestGET /th?id=OADD2.10239339388045_10YSQ8K0BZLEAZQJ2&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 432445
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 259E4AED13024B8E820817DF9B67C96C Ref B: LON04EDGE1208 Ref C: 2024-08-13T21:54:25Z
date: Tue, 13 Aug 2024 21:54:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360608909_1XWUMGMD2M0J0LDVR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:150.171.28.10:443RequestGET /th?id=OADD2.10239360608909_1XWUMGMD2M0J0LDVR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 663065
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79C20F6C29714451811064D90BE70EC6 Ref B: LON04EDGE1208 Ref C: 2024-08-13T21:54:25Z
date: Tue, 13 Aug 2024 21:54:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340418587_1WAY0EU9WVN81W6N5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:150.171.28.10:443RequestGET /th?id=OADD2.10239340418587_1WAY0EU9WVN81W6N5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 706074
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3EF7B12778A742FFA82242FA87CECF09 Ref B: LON04EDGE1208 Ref C: 2024-08-13T21:54:25Z
date: Tue, 13 Aug 2024 21:54:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360608910_1R4TEUG1LRQY39K7S&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:150.171.28.10:443RequestGET /th?id=OADD2.10239360608910_1R4TEUG1LRQY39K7S&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 594481
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 458532B182E241A6BE3B66372C43DBA0 Ref B: LON04EDGE1208 Ref C: 2024-08-13T21:54:26Z
date: Tue, 13 Aug 2024 21:54:26 GMT
-
Remote address:8.8.8.8:53Request10.28.171.150.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request48.229.111.52.in-addr.arpaIN PTRResponse
-
1.2kB 6.9kB 15 13
-
1.2kB 6.9kB 15 13
-
150.171.28.10:443https://tse1.mm.bing.net/th?id=OADD2.10239360608910_1R4TEUG1LRQY39K7S&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90tls, http2134.0kB 3.9MB 2827 2821
HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239339388044_1386ER2SMV9FN565Q&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340418588_1PJ4HLSB51V9JOSDD&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239339388045_10YSQ8K0BZLEAZQJ2&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360608909_1XWUMGMD2M0J0LDVR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340418587_1WAY0EU9WVN81W6N5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360608910_1R4TEUG1LRQY39K7S&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Response
200 -
1.2kB 6.9kB 15 13
-
1.2kB 6.8kB 15 12
-
66 B 90 B 1 1
DNS Request
8.8.8.8.in-addr.arpa
-
146 B 147 B 2 1
DNS Request
149.220.183.52.in-addr.arpa
DNS Request
149.220.183.52.in-addr.arpa
-
146 B 144 B 2 1
DNS Request
240.221.184.93.in-addr.arpa
DNS Request
240.221.184.93.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
74.32.126.40.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
26.35.223.20.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
241.150.49.20.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
217.106.137.52.in-addr.arpa
-
146 B 147 B 2 1
DNS Request
196.249.167.52.in-addr.arpa
DNS Request
196.249.167.52.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
183.59.114.20.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
56.126.166.20.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
147.142.123.92.in-addr.arpa
-
62 B 170 B 1 1
DNS Request
tse1.mm.bing.net
DNS Response
150.171.28.10150.171.27.10
-
72 B 158 B 1 1
DNS Request
10.28.171.150.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
48.229.111.52.in-addr.arpa