ecd6a818217ab0749bb9128ffab68792728e95764d253ae9f331a102b6931669

Analysis

max time kernel
129s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
04/10/2024, 05:39 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

120ecfa1307bc6f486987a53c41317dc_JaffaCakes118.html
Size

161KB
MD5

120ecfa1307bc6f486987a53c41317dc
SHA1

9502612fe8cc5c9d4b85dcfcaa8a33c090555b9a
SHA256

ecd6a818217ab0749bb9128ffab68792728e95764d253ae9f331a102b6931669
SHA512

06f7c6f9f1d5e3ae7a92ced05e8832e6204cc78765bbd87a8d945242c01f55bbf30af4f583fbd4432f794cb9464397c2bc2e8a33d0e6716bd556453651ff577a
SSDEEP

1536:itRTgBtAtsC1L0wPTKuQyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09wee:iLFsQ0AQyfkMY+BES09JXAnyrZalI+YQ

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\120ecfa1307bc6f486987a53c41317dc_JaffaCakes118.html
1⤵
PID:3476

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=2920,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=3944 /prefetch:1
1⤵
PID:1340

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --field-trial-handle=4756,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=940 /prefetch:1
1⤵
PID:2912

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=5340,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:1
1⤵
PID:4284

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5496,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5548 /prefetch:8
1⤵
PID:4388

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5512,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5568 /prefetch:8
1⤵
PID:408

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=6020,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=6072 /prefetch:1
1⤵
PID:3208

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6364,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=6376 /prefetch:8
1⤵
PID:2940

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5816,i,9445584274764997943,12714240264001792460,262144 --variations-seed-version --mojo-platform-channel-handle=5544 /prefetch:8
1⤵
PID:4440

Network

DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

IN A

94.245.104.56
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net
DNS

www.tja16m.top

Remote address:

8.8.8.8:53

Request

www.tja16m.top

IN A

Response
DNS

www.tja16m.top

Remote address:

8.8.8.8:53

Request

www.tja16m.top

IN Unknown

Response
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

www.tja16m.top

Remote address:

8.8.8.8:53

Request

www.tja16m.top

IN A

Response
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

2.19.117.83

a416.dscd.akamai.net

IN A

2.19.117.71
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.tja16m.top

Remote address:

8.8.8.8:53

Request

www.tja16m.top

IN A

Response
DNS

www.tja16m.top

Remote address:

8.8.8.8:53

Request

www.tja16m.top

IN Unknown

Response
DNS

news.share.baidu.com

Remote address:

8.8.8.8:53

Request

news.share.baidu.com

IN A

Response

news.share.baidu.com

IN CNAME

news.share.n.shifen.com

news.share.n.shifen.com

IN A

182.61.201.94

news.share.n.shifen.com

IN A

182.61.201.93

news.share.n.shifen.com

IN A

182.61.244.229

news.share.n.shifen.com

IN A

39.156.68.163

news.share.n.shifen.com

IN A

180.101.212.103

news.share.n.shifen.com

IN A

112.34.113.148
DNS

news.share.baidu.com

Remote address:

8.8.8.8:53

Request

news.share.baidu.com

IN Unknown

Response

news.share.baidu.com

IN CNAME

news.share.n.shifen.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

56.104.245.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.104.245.94.in-addr.arpa

IN PTR

Response
DNS

138.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.32.126.40.in-addr.arpa

IN PTR

Response
DNS

228.249.119.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.249.119.40.in-addr.arpa

IN PTR

Response
DNS

137.241.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.241.123.92.in-addr.arpa

IN PTR

Response

137.241.123.92.in-addr.arpa

IN PTR

a92-123-241-137deploystaticakamaitechnologiescom
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

83.117.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.117.19.2.in-addr.arpa

IN PTR

Response

83.117.19.2.in-addr.arpa

IN PTR

a2-19-117-83deploystaticakamaitechnologiescom
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

23.219.197.132
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

104.219.191.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.219.191.52.in-addr.arpa

IN PTR

Response
DNS

171.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.128.123.92.in-addr.arpa

IN PTR

Response

171.128.123.92.in-addr.arpa

IN PTR

a92-123-128-171deploystaticakamaitechnologiescom
DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

206.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.85.13.in-addr.arpa

IN PTR

Response
DNS

21.236.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.236.111.52.in-addr.arpa

IN PTR

Response
DNS

134.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.128.123.92.in-addr.arpa

IN PTR

Response

134.128.123.92.in-addr.arpa

IN PTR

a92-123-128-134deploystaticakamaitechnologiescom

94.245.104.56:443

api.edgeoffer.microsoft.com

tls

3.5kB
7.5kB
14
14
13.107.6.158:443

business.bing.com

tls

3.9kB
10.2kB
19
25
92.123.241.137:443

www.microsoft.com

tls

4.0kB
22.3kB
27
38
2.19.117.83:443

bzib.nelreports.net

tls

3.7kB
5.8kB
14
15
182.61.201.94:80

news.share.baidu.com

260 B
5
182.61.201.94:80

news.share.baidu.com

260 B
5
13.107.246.64:443

edgestatic.azureedge.net

tls

3.2kB
8.4kB
14
14
13.107.246.64:443

edgestatic.azureedge.net

tls

3.0kB
7.6kB
12
11
13.107.246.64:443

edgestatic.azureedge.net

tls

95.7kB
4.6MB
1972
3336
172.165.69.228:443

nav-edge.smartscreen.microsoft.com

tls

12.1kB
14.0kB
35
32
13.107.246.64:443

edgestatic.azureedge.net

tls

12.1kB
402.9kB
186
304
13.107.246.64:443

wcpstatic.microsoft.com

tls

5.5kB
91.4kB
53
77
182.61.201.93:80

news.share.baidu.com

260 B
5
182.61.201.93:80

news.share.baidu.com

260 B
5
182.61.244.229:80

news.share.baidu.com

260 B
5
182.61.244.229:80

news.share.baidu.com

260 B
5
39.156.68.163:80

news.share.baidu.com

260 B
5
39.156.68.163:80

news.share.baidu.com

260 B
5
92.123.128.134:443

www.bing.com

tls

2.3kB
5.2kB
10
12
180.101.212.103:80

news.share.baidu.com

260 B
5
180.101.212.103:80

news.share.baidu.com

260 B
5
112.34.113.148:80

news.share.baidu.com

260 B
5
112.34.113.148:80

news.share.baidu.com

260 B
5

8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
226 B
1
1

DNS Request

api.edgeoffer.microsoft.com

DNS Response

94.245.104.56
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
271 B
1
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
171 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.tja16m.top

dns

60 B
130 B
1
1

DNS Request

www.tja16m.top
8.8.8.8:53

www.tja16m.top

dns

60 B
130 B
1
1

DNS Request

www.tja16m.top
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

www.tja16m.top

dns

60 B
130 B
1
1

DNS Request

www.tja16m.top
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

2.19.117.83

2.19.117.71
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

www.tja16m.top

dns

60 B
130 B
1
1

DNS Request

www.tja16m.top
8.8.8.8:53

www.tja16m.top

dns

60 B
130 B
1
1

DNS Request

www.tja16m.top
8.8.8.8:53

news.share.baidu.com

dns

66 B
196 B
1
1

DNS Request

news.share.baidu.com

DNS Response

182.61.201.94

182.61.201.93

182.61.244.229

39.156.68.163

180.101.212.103

112.34.113.148
8.8.8.8:53

news.share.baidu.com

dns

66 B
157 B
1
1

DNS Request

news.share.baidu.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

56.104.245.94.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

56.104.245.94.in-addr.arpa
8.8.8.8:53

138.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

138.32.126.40.in-addr.arpa
8.8.8.8:53

228.249.119.40.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

228.249.119.40.in-addr.arpa
8.8.8.8:53

137.241.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

137.241.123.92.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

83.117.19.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

83.117.19.2.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
231 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
275 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

23.219.197.132
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
198 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

172.165.69.228
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
242 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
251 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
282 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

104.219.191.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.219.191.52.in-addr.arpa
92.123.128.171:443

www.bing.com

https

4.4kB
6.7kB
10
13
8.8.8.8:53

171.128.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

171.128.123.92.in-addr.arpa
8.8.8.8:53

154.239.44.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

154.239.44.20.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

206.23.85.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

206.23.85.13.in-addr.arpa
8.8.8.8:53

21.236.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

21.236.111.52.in-addr.arpa
224.0.0.251:5353

204 B
3
8.8.8.8:53

134.128.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

134.128.123.92.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.