Analysis
max time kernel: 112s
max time network: 118s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 02-10-2024 01:23
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: http://Movieshd.com
Resource: win10v2004-20240802-en
General
Target: http://Movieshd.com
Malware Config
Signatures
Enumerates system info in registry (2 TTPs, 3 IoCs)
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | msedge.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | msedge.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | msedge.exe

Modifies data under HKEY_USERS (2 IoCs)
description | ioc | Process
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | msedge.exe
Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133723058518308496" | msedge.exe

Modifies registry class (2 IoCs)
description | ioc | Process
Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2170637797-568393320-3232933035-1000\{87F2E470-6814-42C2-9B2C-728EDAC6BB50} | msedge.exe
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | msedge.exe

Suspicious behavior: AddClipboardFormatListener (2 IoCs)
pid | Process
3620 | vlc.exe
5068 | vlc.exe

Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid | Process
2240 | msedge.exe
2240 | msedge.exe

Suspicious behavior: GetForegroundWindowSpam (2 IoCs)
pid | Process
3620 | vlc.exe
5068 | vlc.exe

Suspicious use of FindShellTrayWindow (13 IoCs)
pid | Process
3620 | vlc.exe (9 entries)
5068 | vlc.exe (4 entries)

Suspicious use of SendNotifyMessage (11 IoCs)
pid | Process
3620 | vlc.exe (8 entries)
5068 | vlc.exe (3 entries)

Suspicious use of SetWindowsHookEx (2 IoCs)
pid | Process
3620 | vlc.exe
5068 | vlc.exe

Suspicious use of WriteProcessMemory (64 IoCs)
description | pid | Process | procid_target
PID 2240 wrote to memory of 1928 | 2240 | msedge.exe | 109 (2 entries)
PID 2240 wrote to memory of 1424 | 2240 | msedge.exe | 110 (51 entries)
PID 2240 wrote to memory of 2712 | 2240 | msedge.exe | 111 (2 entries)
PID 2240 wrote to memory of 4524 | 2240 | msedge.exe | 112 (9 entries)
Processes
Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://Movieshd.com
PID: 1808

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=1988,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=3800 /prefetch:1
PID: 4640

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=2144,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=2888 /prefetch:1
PID: 852

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5400,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:8
PID: 1936

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5072,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5460 /prefetch:8
PID: 4216

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --field-trial-handle=5924,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5952 /prefetch:1
PID: 4008

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5100,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=4120 /prefetch:8
PID: 4556

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5452,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=3864 /prefetch:8
PID: 2708

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6284,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=3864 /prefetch:8
PID: 3148

Process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
PID: 2240
Signatures:
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.89 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.86 --initial-client-data=0x238,0x23c,0x240,0x234,0x260,0x7ffe62fad198,0x7ffe62fad1a4,0x7ffe62fad1b0
  PID: 1928

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2900,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=2896 /prefetch:2
  PID: 1424

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1928,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=3076 /prefetch:3
  PID: 2712

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2268,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=3108 /prefetch:8
  PID: 4524

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=4508,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=4540 /prefetch:8
  PID: 4820

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=4508,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=4540 /prefetch:8
  PID: 3608

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=4604,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=4764 /prefetch:8
  PID: 2460

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=4556,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=4768 /prefetch:8
  PID: 1316

  Child process: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=4844,i,9094741759348895981,313453279080530478,262144 --variations-seed-version --mojo-platform-channel-handle=4864 /prefetch:8
  PID: 3372

Process: C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\elevation_service.exe
Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\elevation_service.exe"
PID: 1696

Process: C:\Program Files\VideoLAN\VLC\vlc.exe
Command line: "C:\Program Files\VideoLAN\VLC\vlc.exe" "C:\Users\Public\Desktop\Google Chrome.lnk"
PID: 3620
Signatures:
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx

Process: C:\Program Files\VideoLAN\VLC\vlc.exe
Command line: "C:\Program Files\VideoLAN\VLC\vlc.exe" "C:\Users\Public\Desktop\Google Chrome.lnk"
PID: 5068
Signatures:
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
Network
Remote address: 8.8.8.8:53 | Request: movieshd.com IN A | Response: movieshd.com IN A 64.98.135.52
Remote address: 8.8.8.8:53 | Request: movieshd.com IN Unknown | Response: (empty)
Remote address: 8.8.8.8:53 | Request: movieshd.com IN A | Response: movieshd.com IN A 64.98.135.52

Remote address: 64.98.135.52:80
Request:
GET / HTTP/1.1
Host: movieshd.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response:
HTTP/1.1 302 Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.blu-ray.com/cgi-bin/redirect.cgi?source=https://www.movieshd.com/&target=https://www.blu-ray.com/digital/
Server: Redirector/1.0
Cache-Control: private

Remote address: 8.8.8.8:53 | Request: business.bing.com IN A | Response: business.bing.com IN CNAME business-bing-com.b-0005.b-msedge.net; business-bing-com.b-0005.b-msedge.net IN CNAME b-0005.b-msedge.net; b-0005.b-msedge.net IN A 13.107.6.158
Remote address: 8.8.8.8:53 | Request: business.bing.com IN Unknown | Response: business.bing.com IN CNAME business-bing-com.b-0005.b-msedge.net; business-bing-com.b-0005.b-msedge.net IN CNAME b-0005.b-msedge.net
Remote address: 8.8.8.8:53 | Request: movieshd.com IN A | Response: movieshd.com IN A 64.98.135.52
Remote address: 8.8.8.8:53 | Request: movieshd.com IN Unknown | Response: (empty)
Remote address: 8.8.8.8:53 | Request: movieshd.com IN A | Response: movieshd.com IN A 64.98.135.52
Remote address: 8.8.8.8:53 | Request: bzib.nelreports.net IN A | Response: bzib.nelreports.net IN CNAME bzib.nelreports.net.akamaized.net; bzib.nelreports.net.akamaized.net IN CNAME a416.dscd.akamai.net; a416.dscd.akamai.net IN A 2.19.117.71; a416.dscd.akamai.net IN A 2.19.117.83
Remote address: 8.8.8.8:53 | Request: bzib.nelreports.net IN Unknown | Response: bzib.nelreports.net IN CNAME bzib.nelreports.net.akamaized.net; bzib.nelreports.net.akamaized.net IN CNAME a416.dscd.akamai.net
Remote address: 8.8.8.8:53 | Request: 8.8.8.8.in-addr.arpa IN PTR | Response: 8.8.8.8.in-addr.arpa IN PTR dns.google
Remote address: 8.8.8.8:53 | Request: 133.211.185.52.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 52.135.98.64.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 68.32.126.40.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 240.221.184.93.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 71.117.19.2.in-addr.arpa IN PTR | Response: 71.117.19.2.in-addr.arpa IN PTR a2-19-117-71.deploy.static.akamaitechnologies.com
Remote address: 8.8.8.8:53 | Request: 95.221.229.192.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: nav-edge.smartscreen.microsoft.com IN A | Response: nav-edge.smartscreen.microsoft.com IN CNAME prod-atm-wds-edge.trafficmanager.net; prod-atm-wds-edge.trafficmanager.net IN CNAME prod-agic-uw-3.ukwest.cloudapp.azure.com; prod-agic-uw-3.ukwest.cloudapp.azure.com IN A 51.11.108.188
Remote address: 8.8.8.8:53 | Request: nav-edge.smartscreen.microsoft.com IN Unknown | Response: nav-edge.smartscreen.microsoft.com IN CNAME prod-atm-wds-edge.trafficmanager.net; prod-atm-wds-edge.trafficmanager.net IN CNAME prod-agic-uw-3.ukwest.cloudapp.azure.com
Remote address: 8.8.8.8:53 | Request: 188.108.11.51.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: movieshd.com IN A | Response: movieshd.com IN A 64.98.135.52
Remote address: 8.8.8.8:53 | Request: www.blu-ray.com IN A | Response: www.blu-ray.com IN A 64.21.0.130
Remote address: 8.8.8.8:53 | Request: www.blu-ray.com IN Unknown | Response: (empty)
Remote address: 8.8.8.8:53 | Request: www.blu-ray.com IN A | Response: www.blu-ray.com IN A 64.21.0.130
Remote address: 8.8.8.8:53 | Request: 130.0.21.64.in-addr.arpa IN PTR | Response: 130.0.21.64.in-addr.arpa IN PTR blu-ray.com
Remote address: 8.8.8.8:53 | Request: ssl.static-bluray.com IN A | Response: ssl.static-bluray.com IN A 172.67.156.160; ssl.static-bluray.com IN A 104.21.8.15
Remote address: 8.8.8.8:53 | Request: ssl.static-bluray.com IN Unknown | Response: ssl.static-bluray.com IN Unknown (binary record data not decoded by the report; contains the strings h3, h2 and cloudflare-ech.com)
Remote address: 8.8.8.8:53 | Request: images.static-bluray.com IN A | Response: images.static-bluray.com IN A 104.21.8.15; images.static-bluray.com IN A 172.67.156.160
Remote address: 8.8.8.8:53 | Request: images.static-bluray.com IN Unknown | Response: images.static-bluray.com IN Unknown (binary record data not decoded by the report; contains the strings h3, h2 and cloudflare-ech.com)
Remote address: 8.8.8.8:53 | Request: cdn.intergient.com IN A | Response: cdn.intergient.com IN CNAME d2n8ih7naru1ql.cloudfront.net; d2n8ih7naru1ql.cloudfront.net IN A 65.9.95.105; d2n8ih7naru1ql.cloudfront.net IN A 65.9.95.86; d2n8ih7naru1ql.cloudfront.net IN A 65.9.95.104; d2n8ih7naru1ql.cloudfront.net IN A 65.9.95.20
Remote address: 8.8.8.8:53 | Request: cdn.intergient.com IN Unknown | Response: cdn.intergient.com IN CNAME d2n8ih7naru1ql.cloudfront.net
Remote address: 8.8.8.8:53 | Request: cdn.intergi.com IN A | Response: cdn.intergi.com IN A 104.18.24.242; cdn.intergi.com IN A 104.18.25.242
Remote address: 8.8.8.8:53 | Request: cdn.intergi.com IN Unknown | Response: cdn.intergi.com IN Unknown (binary record data not decoded by the report; contains the string h2)
Remote address: 8.8.8.8:53 | Request: tpc.googlesyndication.com IN A | Response: tpc.googlesyndication.com IN A 216.58.201.97
Remote address: 8.8.8.8:53 | Request: tpc.googlesyndication.com IN Unknown | Response: (empty)
Remote address: 8.8.8.8:53 | Request: is1-ssl.mzstatic.com IN A | Response: is1-ssl.mzstatic.com IN CNAME is-ssl.mzstatic.com.itunes-apple.com.akadns.net; is-ssl.mzstatic.com.itunes-apple.com.akadns.net IN CNAME mzstatic.com.edgekey.net; mzstatic.com.edgekey.net IN CNAME e673.dsce9.akamaiedge.net; e673.dsce9.akamaiedge.net IN A 23.219.192.23
Remote address: 8.8.8.8:53 | Request: is1-ssl.mzstatic.com IN Unknown | Response: is1-ssl.mzstatic.com IN CNAME is-ssl.mzstatic.com.itunes-apple.com.akadns.net; is-ssl.mzstatic.com.itunes-apple.com.akadns.net IN CNAME mzstatic.com.edgekey.net; mzstatic.com.edgekey.net IN CNAME e673.dsce9.akamaiedge.net
Remote address: 8.8.8.8:53 | Request: securepubads.g.doubleclick.net IN A | Response: securepubads.g.doubleclick.net IN A 142.250.187.194
Remote address: 8.8.8.8:53 | Request: securepubads.g.doubleclick.net IN Unknown | Response: securepubads.g.doubleclick.net IN Unknown h2h3
Remote address: 8.8.8.8:53 | Request: googleads.g.doubleclick.net IN A | Response: googleads.g.doubleclick.net IN A 142.250.180.2
Remote address: 8.8.8.8:53 | Request: googleads.g.doubleclick.net IN Unknown | Response: googleads.g.doubleclick.net IN Unknown h2h3
Remote address: 8.8.8.8:53 | Request: 160.156.67.172.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: region1.google-analytics.com IN A | Response: region1.google-analytics.com IN A 216.239.32.36; region1.google-analytics.com IN A 216.239.34.36
Remote address: 8.8.8.8:53 | Request: region1.google-analytics.com IN Unknown | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 15.8.21.104.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 40.169.217.172.in-addr.arpa IN PTR | Response: 40.169.217.172.in-addr.arpa IN PTR lhr48s08-in-f8.1e100.net
Remote address: 8.8.8.8:53 | Request: 23.192.219.23.in-addr.arpa IN PTR | Response: 23.192.219.23.in-addr.arpa IN PTR a23-219-192-23.deploy.static.akamaitechnologies.com
Remote address: 8.8.8.8:53 | Request: 161.128.123.92.in-addr.arpa IN PTR | Response: 161.128.123.92.in-addr.arpa IN PTR a92-123-128-161.deploy.static.akamaitechnologies.com
Remote address: 8.8.8.8:53 | Request: 36.32.239.216.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: data-edge.smartscreen.microsoft.com IN A | Response: data-edge.smartscreen.microsoft.com IN CNAME prod-atm-wds-edge.trafficmanager.net; prod-atm-wds-edge.trafficmanager.net IN CNAME prod-agic-uw-3.ukwest.cloudapp.azure.com; prod-agic-uw-3.ukwest.cloudapp.azure.com IN A 51.11.108.188
Remote address: 8.8.8.8:53 | Request: data-edge.smartscreen.microsoft.com IN Unknown | Response: data-edge.smartscreen.microsoft.com IN CNAME prod-atm-wds-edge.trafficmanager.net; prod-atm-wds-edge.trafficmanager.net IN CNAME prod-agic-uw-2.ukwest.cloudapp.azure.com
Remote address: 8.8.8.8:53 | Request: 217.106.137.52.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 154.239.44.20.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 26.165.165.52.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: 171.39.242.20.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: update.googleapis.com IN A | Response: update.googleapis.com IN A 142.250.200.35
Remote address: 8.8.8.8:53 | Request: update.googleapis.com IN Unknown | Response: (empty)
Remote address: 8.8.8.8:53 | Request: edge-mobile-static.azureedge.net IN A | Response: edge-mobile-static.azureedge.net IN CNAME edge-mobile-static.afd.azureedge.net; edge-mobile-static.afd.azureedge.net IN CNAME azureedge-t-prod.trafficmanager.net; azureedge-t-prod.trafficmanager.net IN CNAME shed.dual-low.s-part-0036.t-0009.t-msedge.net; shed.dual-low.s-part-0036.t-0009.t-msedge.net IN CNAME s-part-0036.t-0009.t-msedge.net; s-part-0036.t-0009.t-msedge.net IN A 13.107.246.64
Remote address: 8.8.8.8:53 | Request: edge-mobile-static.azureedge.net IN Unknown | Response: edge-mobile-static.azureedge.net IN CNAME edge-mobile-static.afd.azureedge.net; edge-mobile-static.afd.azureedge.net IN CNAME azureedge-t-prod.trafficmanager.net; azureedge-t-prod.trafficmanager.net IN CNAME shed.dual-low.s-part-0036.t-0009.t-msedge.net
Remote address: 8.8.8.8:53 | Request: 35.200.250.142.in-addr.arpa IN PTR | Response: 35.200.250.142.in-addr.arpa IN PTR lhr48s30-in-f3.1e100.net
Remote address: 8.8.8.8:53 | Request: 164.128.123.92.in-addr.arpa IN PTR | Response: 164.128.123.92.in-addr.arpa IN PTR a92-123-128-164.deploy.static.akamaitechnologies.com
Remote address: 8.8.8.8:53 | Request: 31.243.111.52.in-addr.arpa IN PTR | Response: (empty)
Remote address: 8.8.8.8:53 | Request: edge-consumer-static.azureedge.net IN A | Response: edge-consumer-static.azureedge.net IN CNAME edge-consumer-static.afd.azureedge.net; edge-consumer-static.afd.azureedge.net IN CNAME azureedge-t-prod.trafficmanager.net; azureedge-t-prod.trafficmanager.net IN CNAME shed.dual-low.s-part-0036.t-0009.t-msedge.net; shed.dual-low.s-part-0036.t-0009.t-msedge.net IN CNAME s-part-0036.t-0009.t-msedge.net; s-part-0036.t-0009.t-msedge.net IN A 13.107.246.64
Remote address: 8.8.8.8:53 | Request: edge-consumer-static.azureedge.net IN Unknown | Response: edge-consumer-static.azureedge.net IN CNAME edge-consumer-static.afd.azureedge.net; edge-consumer-static.afd.azureedge.net IN CNAME azureedge-t-prod.trafficmanager.net; azureedge-t-prod.trafficmanager.net IN CNAME shed.dual-low.s-part-0036.t-0009.t-msedge.net; shed.dual-low.s-part-0036.t-0009.t-msedge.net IN CNAME s-part-0036.t-0009.t-msedge.net
771 B 786 B 7 5
HTTP Request
GET http://movieshd.com/
HTTP Response
302
236 B 144 B 5 3
-
3.9kB 10.3kB 22 26
-
260 B 5
-
260 B 5
-
3.0kB 5.9kB 14 15
-
22.1kB 622.0kB 271 464
-
7.5kB 90.8kB 48 78
-
390.5kB 9.5MB 5756 6918
-
98 B 52 B 2 1
-
8.5kB 8.8kB 24 23
-
2.3kB 3.7kB 10 11
-
5.8kB 10.1kB 22 24
-
3.8kB 12.3kB 17 20
-
3.2kB 6.1kB 14 16
-
3.4kB 9.0kB 14 17
-
58 B 74 B 1 1
DNS Request
movieshd.com
DNS Response
64.98.135.52
-
58 B 118 B 1 1
DNS Request
movieshd.com
-
58 B 74 B 1 1
DNS Request
movieshd.com
DNS Response
64.98.135.52
-
63 B 144 B 1 1
DNS Request
business.bing.com
DNS Response
13.107.6.158
-
63 B 185 B 1 1
DNS Request
business.bing.com
-
58 B 74 B 1 1
DNS Request
movieshd.com
DNS Response
64.98.135.52
-
58 B 118 B 1 1
DNS Request
movieshd.com
-
58 B 74 B 1 1
DNS Request
movieshd.com
DNS Response
64.98.135.52
-
65 B 172 B 1 1
DNS Request
bzib.nelreports.net
DNS Response
2.19.117.71, 2.19.117.83
-
65 B 204 B 1 1
DNS Request
bzib.nelreports.net
-
66 B 90 B 1 1
DNS Request
8.8.8.8.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
133.211.185.52.in-addr.arpa
-
71 B 141 B 1 1
DNS Request
52.135.98.64.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
68.32.126.40.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
240.221.184.93.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
71.117.19.2.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
80 B 197 B 1 1
DNS Request
nav-edge.smartscreen.microsoft.com
DNS Response
51.11.108.188
-
80 B 241 B 1 1
DNS Request
nav-edge.smartscreen.microsoft.com
-
72 B 158 B 1 1
DNS Request
188.108.11.51.in-addr.arpa
-
58 B 74 B 1 1
DNS Request
movieshd.com
DNS Response
64.98.135.52
-
61 B 77 B 1 1
DNS Request
www.blu-ray.com
DNS Response
64.21.0.130
-
61 B 105 B 1 1
DNS Request
www.blu-ray.com
-
61 B 77 B 1 1
DNS Request
www.blu-ray.com
DNS Response
64.21.0.130
-
70 B 95 B 1 1
DNS Request
130.0.21.64.in-addr.arpa
-
67 B 99 B 1 1
DNS Request
ssl.static-bluray.com
DNS Response
172.67.156.160, 104.21.8.15
-
67 B 215 B 1 1
DNS Request
ssl.static-bluray.com
-
70 B 102 B 1 1
DNS Request
images.static-bluray.com
DNS Response
104.21.8.15, 172.67.156.160
-
70 B 218 B 1 1
DNS Request
images.static-bluray.com
-
6.5kB 56.2kB 32 56
-
64 B 171 B 1 1
DNS Request
cdn.intergient.com
DNS Response
65.9.95.105, 65.9.95.86, 65.9.95.104, 65.9.95.20
-
64 B 185 B 1 1
DNS Request
cdn.intergient.com
-
61 B 93 B 1 1
DNS Request
cdn.intergi.com
DNS Response
104.18.24.242, 104.18.25.242
-
61 B 131 B 1 1
DNS Request
cdn.intergi.com
-
71 B 87 B 1 1
DNS Request
tpc.googlesyndication.com
DNS Response
216.58.201.97
-
71 B 128 B 1 1
DNS Request
tpc.googlesyndication.com
-
37.0kB 79.7kB 108 107
-
66 B 214 B 1 1
DNS Request
is1-ssl.mzstatic.com
DNS Response
23.219.192.23
-
66 B 260 B 1 1
DNS Request
is1-ssl.mzstatic.com
-
76 B 92 B 1 1
DNS Request
securepubads.g.doubleclick.net
DNS Response
142.250.187.194
-
76 B 101 B 1 1
DNS Request
securepubads.g.doubleclick.net
-
73 B 89 B 1 1
DNS Request
googleads.g.doubleclick.net
DNS Response
142.250.180.2
-
73 B 98 B 1 1
DNS Request
googleads.g.doubleclick.net
-
7.1kB 78.5kB 41 72
-
73 B 135 B 1 1
DNS Request
160.156.67.172.in-addr.arpa
-
74 B 106 B 1 1
DNS Request
region1.google-analytics.com
DNS Response
216.239.32.36, 216.239.34.36
-
74 B 131 B 1 1
DNS Request
region1.google-analytics.com
-
70 B 132 B 1 1
DNS Request
15.8.21.104.in-addr.arpa
-
73 B 111 B 1 1
DNS Request
40.169.217.172.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
23.192.219.23.in-addr.arpa
-
8.9kB 672.8kB 97 539
-
73 B 139 B 1 1
DNS Request
161.128.123.92.in-addr.arpa
-
72 B 132 B 1 1
DNS Request
36.32.239.216.in-addr.arpa
-
81 B 198 B 1 1
DNS Request
data-edge.smartscreen.microsoft.com
DNS Response
51.11.108.188
-
81 B 242 B 1 1
DNS Request
data-edge.smartscreen.microsoft.com
-
204 B 3
-
73 B 147 B 1 1
DNS Request
217.106.137.52.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
154.239.44.20.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
26.165.165.52.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
171.39.242.20.in-addr.arpa
-
4.3kB 9.2kB 8 11
-
67 B 83 B 1 1
DNS Request
update.googleapis.com
DNS Response
142.250.200.35
-
67 B 124 B 1 1
DNS Request
update.googleapis.com
-
78 B 247 B 1 1
DNS Request
edge-mobile-static.azureedge.net
DNS Response
13.107.246.64
-
78 B 277 B 1 1
DNS Request
edge-mobile-static.azureedge.net
-
4.2kB 9.1kB 7 11
-
73 B 111 B 1 1
DNS Request
35.200.250.142.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
164.128.123.92.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
31.243.111.52.in-addr.arpa
-
80 B 251 B 1 1
DNS Request
edge-consumer-static.azureedge.net
DNS Response
13.107.246.64
-
80 B 295 B 1 1
DNS Request
edge-consumer-static.azureedge.net
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 2B
MD5: 99914b932bd37a50b983c5e7c90ae93b
SHA1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512: 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Filesize: 2B
MD5: d751713988987e9331980363e24189ce
SHA1: 97d170e1550eee4afc0af065b78cda302a97674c
SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512: b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Filesize: 40B
MD5: 20d4b8fa017a12a108c87f540836e250
SHA1: 1ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA256: 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512: 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Filesize: 11KB
MD5: 4c996209d41ef45e07eeeaf4ad777d64
SHA1: 348a3b5c3948be22b4dc65a5eb74c009e6808c54
SHA256: 34466cdb79f48ec461dd3729cf03dcbd2f4ba81f6e1d60812f0e5651993339b4
SHA512: 642dc814b102c0966f3d1a2073f58585124475cf0ea0b1bc618bed30144f4476fc82118ca353a5b530f4951efb542e4fc066cf50f1b32b8ecfd099884352d6bb

Filesize: 30KB
MD5: 55a3967c1bfcec6b0fba175c4577dbd9
SHA1: 4277a06ba70d1afd103f10fe3ae64ff4f546f63c
SHA256: 6153451d6ac746fe61f7ca20cc3e7f04a5cb6a62071329dd833b356122143333
SHA512: 69d060f5065d82a3c1dfccef9ad8d3278f28d17ec6b0767fc7c63d19c0add9bdc61139598aaeb1be4a55ad64e941eb52f2d1000645262cff26bfc8e2089b4fcf

Filesize: 56KB
MD5: 6ac12fa1baaa652498eb6f05315c954b
SHA1: 0a7c4a8a31e7b5bac5fde984ce02c8a14b611f1e
SHA256: 069ab11c9035bdcadae334dcb926648c4cb7de7f60c577d16a13a0eb33e36df1
SHA512: 4fa8bba8014a81c1f6a6fdd6a85b63d8a373f0d8627d40a5bb141a37c32de63eb874a04562e19d6514a19a800ce974d3d5a34896b0e505950d1114b4bc13b906

Filesize: 56KB
MD5: eca49d81652f18413197cc6946a9b867
SHA1: 8f537e8dc5d83fbeb361632e9003cc3a3f1fe8e0
SHA256: b539538e439013314a6ffc198ffad5e68becd5ca9019ba75a65fdcdd3ab59c53
SHA512: b09a153e740232125b0a76ef482ba9b64f4d96b8cfa2031706b17be6d34870a72a2b9b7e9c00f7f365d336f679c8133b80870cfdd546cbde1b1acf01f87871a9

Filesize: 60KB
MD5: 126259b1037a61dad21d60d71a4edf2a
SHA1: 8437e4f5b29f7c88e27fb2be5bfa95a2f8d40cd9
SHA256: 2ed59713c99161a55c5fdbc9e2ec1d661e34448d9b3817ec07c106f9c65dd101
SHA512: e518b19cd188774afdba9b71a34538483cc35cc18f4a2a76fd15c4fe8e1a268c35a9cde397dc0750f9b43e95a26092dea617f70074fb11a135af1a2939f43841

Filesize: 304B
MD5: 781602441469750c3219c8c38b515ed4
SHA1: e885acd1cbd0b897ebcedbb145bef1c330f80595
SHA256: 81970dbe581373d14fbd451ac4b3f96e5f69b79645f1ee1ca715cff3af0bf20d
SHA512: 2b0a1717d96edb47bdf0ffeb250a5ec11f7d0638d3e0a62fbe48c064379b473ca88ffbececb32a72129d06c040b107834f1004ccda5f0f35b8c3588034786461

Filesize: 536B
MD5: f83e89cb9aac47e2965286d48ed7d268
SHA1: 3cfc50882a906e52bd2ac4b5b01c53d24fca0a07
SHA256: adbe19946230419d08c5ce0b907b7e1cf4e7e40f5c7391f52af2568711248384
SHA512: c567059195aeba8e17ddcebbe8f7f0d57140f43fca38cbf96094f7a37595e42c83e4c737936a1171e31de76e208af49443922fe5fd939e537229b93201f8b2cf

Filesize: 2KB
MD5: e4ea24344e4945ceefecd0c304662c1b
SHA1: 266ed39c44a91bb71330150f74d918086bccd6dc
SHA256: 45d13aa5e8f3d9eb27da01c140bae976ffd155bc7949593c51ea9f0b0ad6fdff
SHA512: 97fa8ddb7337dfc2d202eac823b5fc51886b23151e78f8faee887f8c34053686ca2f53913e02845bde3998bff16ce1ef8ba85f6748143cc51209477873e8adab

Filesize: 2KB
MD5: 806059e65eb17da6fc1ba3fbad795fd9
SHA1: aea69b4004e65c16d366574ea618cc7102946e10
SHA256: 707844dc7b14174174ea0b9a6a99db817052b5120b8462eb665bb462333ec9f2
SHA512: f95d30631f9c88b4f19a61aa77872150bb77d8160ec38e2e3afd0b62a39cfd69a5384b807364d269a28f9205634bc9e7501685d34e8339d05834977c39638600