Analysis
max time kernel: 300s
max time network: 245s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09/10/2024, 12:50 UTC

Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: https://ruggededgeholdings.com/
Resource: win10v2004-20241007-en

General
Target: https://ruggededgeholdings.com/

Malware Config

Signatures
Enumerates system info in registry (2 TTPs, 3 IoCs)
  description        ioc                                                                    Process
  Key opened         \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS                     chrome.exe
  Key value queried  \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName   chrome.exe
  Key value queried  \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer  chrome.exe
Modifies data under HKEY_USERS (2 IoCs)
  description      ioc                                                                                                      Process
  Key created      \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry                                   chrome.exe
  Set value (int)  \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133729518220693606"  chrome.exe
Suspicious behavior: EnumeratesProcesses (6 IoCs)
  pid   Process
  3068  chrome.exe
  3068  chrome.exe
  2356  chrome.exe
  2356  chrome.exe
  2356  chrome.exe
  2356  chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (2 IoCs)
  pid   Process
  3068  chrome.exe
  3068  chrome.exe
Suspicious use of AdjustPrivilegeToken (64 IoCs)
  description                       pid   Process
  Token: SeShutdownPrivilege        3068  chrome.exe
  Token: SeCreatePagefilePrivilege  3068  chrome.exe
  (the two rows above alternate for all 64 entries, all from pid 3068 chrome.exe)
Suspicious use of FindShellTrayWindow (26 IoCs)
  pid   Process
  3068  chrome.exe  (26 identical entries)
Suspicious use of SendNotifyMessage (24 IoCs)
  pid   Process
  3068  chrome.exe  (24 identical entries)
Suspicious use of WriteProcessMemory (64 IoCs)
  description                        pid   Process     procid_target
  PID 3068 wrote to memory of 2016   3068  chrome.exe  83
  PID 3068 wrote to memory of 4784   3068  chrome.exe  84
  PID 3068 wrote to memory of 2308   3068  chrome.exe  85
  PID 3068 wrote to memory of 4132   3068  chrome.exe  86
  (each row is repeated in the report, in this order, for 64 entries in total)
Processes

C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ruggededgeholdings.com/
  PID: 3068
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff94c96cc40,0x7ff94c96cc4c,0x7ff94c96cc58
    PID: 2016

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1896,i,7538694756188224948,6712548095567010813,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1880 /prefetch:2
    PID: 4784

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2136,i,7538694756188224948,6712548095567010813,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2168 /prefetch:3
    PID: 2308

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,7538694756188224948,6712548095567010813,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2424 /prefetch:8
    PID: 4132

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,7538694756188224948,6712548095567010813,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
    PID: 408

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,7538694756188224948,6712548095567010813,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3204 /prefetch:1
    PID: 3248

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4564,i,7538694756188224948,6712548095567010813,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4656 /prefetch:8
    PID: 1012

  C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4752,i,7538694756188224948,6712548095567010813,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4840 /prefetch:8
    PID: 2356
    - Suspicious behavior: EnumeratesProcesses

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
  PID: 3960

C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
  PID: 3496
Network

DNS  Remote address: 8.8.8.8:53
  Request:  ruggededgeholdings.com IN A
  Response: ruggededgeholdings.com IN A 172.96.176.76

HTTP  Remote address: 172.96.176.76:443
  Request:
  GET / HTTP/2.0
  host: ruggededgeholdings.com
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Windows"
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
  sec-fetch-site: none
  sec-fetch-mode: navigate
  sec-fetch-user: ?1
  sec-fetch-dest: document
  accept-encoding: gzip, deflate, br, zstd
  accept-language: en-US,en;q=0.9
  Response:
  HTTP/2.0 200
  content-encoding: br
  content-length: 8
  content-type: text/html; charset=UTF-8
  date: Wed, 09 Oct 2024 12:50:18 GMT
  server: Apache

HTTP  Remote address: 172.96.176.76:443
  Request:
  GET /favicon.ico HTTP/2.0
  host: ruggededgeholdings.com
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  sec-ch-ua-mobile: ?0
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Windows"
  accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  sec-fetch-site: same-origin
  sec-fetch-mode: no-cors
  sec-fetch-dest: image
  referer: https://ruggededgeholdings.com/
  accept-encoding: gzip, deflate, br, zstd
  accept-language: en-US,en;q=0.9
  Response:
  HTTP/2.0 200
  content-encoding: br
  content-length: 8
  content-type: text/html; charset=UTF-8
  date: Wed, 09 Oct 2024 12:50:21 GMT
  server: Apache

HTTP  Remote address: 172.96.176.76:443
  Request:
  GET / HTTP/2.0
  host: ruggededgeholdings.com
  cache-control: max-age=0
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Windows"
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
  sec-fetch-site: none
  sec-fetch-mode: navigate
  sec-fetch-user: ?1
  sec-fetch-dest: document
  accept-encoding: gzip, deflate, br, zstd
  accept-language: en-US,en;q=0.9
  Response:
  HTTP/2.0 200
  content-encoding: br
  content-length: 8
  content-type: text/html; charset=UTF-8
  date: Wed, 09 Oct 2024 12:50:26 GMT
  server: Apache

HTTP  Remote address: 172.96.176.76:443
  Request:
  GET /favicon.ico HTTP/2.0
  host: ruggededgeholdings.com
  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
  sec-ch-ua-mobile: ?0
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Windows"
  accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  sec-fetch-site: same-origin
  sec-fetch-mode: no-cors
  sec-fetch-dest: image
  referer: https://ruggededgeholdings.com/
  accept-encoding: gzip, deflate, br, zstd
  accept-language: en-US,en;q=0.9
  Response:
  HTTP/2.0 200
  content-encoding: br
  content-length: 8
  content-type: text/html; charset=UTF-8
  date: Wed, 09 Oct 2024 12:50:28 GMT
  server: Apache

DNS  Remote address: 8.8.8.8:53
  Request:  202.187.250.142.in-addr.arpa IN PTR
  Response: 202.187.250.142.in-addr.arpa IN PTR lhr25s33-in-f10.1e100.net

DNS  Remote address: 8.8.8.8:53
  Request:  76.176.96.172.in-addr.arpa IN PTR
  Response: 76.176.96.172.in-addr.arpa IN PTR newwa914.hostpapavps.net

DNS  Remote address: 8.8.8.8:53
  Request:  g.bing.com IN A
  Response: g.bing.com IN CNAME g-bing-com.ax-0001.ax-msedge.net
            g-bing-com.ax-0001.ax-msedge.net IN CNAME ax-0001.ax-msedge.net
            ax-0001.ax-msedge.net IN A 150.171.27.10
            ax-0001.ax-msedge.net IN A 150.171.28.10

HTTP  GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid=
  Remote address: 150.171.27.10:443
  Request:
  GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid= HTTP/2.0
  host: g.bing.com
  accept-encoding: gzip, deflate
  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
  Response:
  HTTP/2.0 204
  pragma: no-cache
  expires: Fri, 01 Jan 1990 00:00:00 GMT
  set-cookie: MUID=395A738FF66967D0339C669CF76F66FB; domain=.bing.com; expires=Mon, 03-Nov-2025 12:50:19 GMT; path=/; SameSite=None; Secure; Priority=High;
  strict-transport-security: max-age=31536000; includeSubDomains; preload
  access-control-allow-origin: *
  x-cache: CONFIG_NOCACHE
  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
  x-msedge-ref: Ref A: D854B2B7B7BA45938473EF6EFE0CD5C1 Ref B: LON601060108040 Ref C: 2024-10-09T12:50:19Z
  date: Wed, 09 Oct 2024 12:50:19 GMT

HTTP  GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid=
  Remote address: 150.171.27.10:443
  Request:
  GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid= HTTP/2.0
  host: g.bing.com
  accept-encoding: gzip, deflate
  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
  cookie: MUID=395A738FF66967D0339C669CF76F66FB
  Response:
  HTTP/2.0 204
  pragma: no-cache
  expires: Fri, 01 Jan 1990 00:00:00 GMT
  set-cookie: MSPTC=LwxquOCWjsgFx1IywhxMi0RZ8gpH0LGD-IOye0VOXBE; domain=.bing.com; expires=Mon, 03-Nov-2025 12:50:19 GMT; path=/; Partitioned; secure; SameSite=None
  strict-transport-security: max-age=31536000; includeSubDomains; preload
  access-control-allow-origin: *
  x-cache: CONFIG_NOCACHE
  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
  x-msedge-ref: Ref A: CCDA88EDC80045698B8202D8C24C3D97 Ref B: LON601060108040 Ref C: 2024-10-09T12:50:19Z
  date: Wed, 09 Oct 2024 12:50:19 GMT

HTTP  GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid=
  Remote address: 150.171.27.10:443
  Request:
  GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid= HTTP/2.0
  host: g.bing.com
  accept-encoding: gzip, deflate
  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
  cookie: MUID=395A738FF66967D0339C669CF76F66FB; MSPTC=LwxquOCWjsgFx1IywhxMi0RZ8gpH0LGD-IOye0VOXBE
  Response:
  HTTP/2.0 204
  pragma: no-cache
  expires: Fri, 01 Jan 1990 00:00:00 GMT
  strict-transport-security: max-age=31536000; includeSubDomains; preload
  access-control-allow-origin: *
  x-cache: CONFIG_NOCACHE
  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
  x-msedge-ref: Ref A: 236EC7106C0646809D56AC294D4E5130 Ref B: LON601060108040 Ref C: 2024-10-09T12:50:19Z
  date: Wed, 09 Oct 2024 12:50:19 GMT

DNS  Remote address: 8.8.8.8:53
  Request:  83.210.23.2.in-addr.arpa IN PTR
  Response: 83.210.23.2.in-addr.arpa IN PTR a2-23-210-83.deploy.static.akamaitechnologies.com

DNS  Remote address: 8.8.8.8:53
  Request:  10.27.171.150.in-addr.arpa IN PTR
  Response: (empty)

DNS  Remote address: 8.8.8.8:53
  Request:  50.23.12.20.in-addr.arpa IN PTR
  Response: (empty)

DNS  Remote address: 8.8.8.8:53
  Request:  241.42.69.40.in-addr.arpa IN PTR
  Response: (empty)

DNS  Remote address: 8.8.8.8:53
  Request:  172.214.232.199.in-addr.arpa IN PTR
  Response: (empty)
Connections (bytes out / bytes in / packets out / packets in)

Connection (destination label not captured in the export)  2.5kB / 5.7kB / 20 / 24
  HTTP Request  GET https://ruggededgeholdings.com/              HTTP Response 200
  HTTP Request  GET https://ruggededgeholdings.com/favicon.ico   HTTP Response 200
  HTTP Request  GET https://ruggededgeholdings.com/              HTTP Response 200
  HTTP Request  GET https://ruggededgeholdings.com/favicon.ico   HTTP Response 200

Connection 150.171.27.10:443  https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid=  tls, http2  2.0kB / 9.3kB / 21 / 18
  HTTP Request  GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid=  HTTP Response 204
  HTTP Request  GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid=  HTTP Response 204
  HTTP Request  GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=82fbfacb6a534d8cba878cfcf0b20e2a&localId=w:45F2691B-218C-F38E-DD34-9B67AA44BEAA&deviceId=6825841072482335&anid=  HTTP Response 204

DNS  68 B / 84 B / 1 / 1
  DNS Request   ruggededgeholdings.com
  DNS Response  172.96.176.76

DNS  74 B / 113 B / 1 / 1
  DNS Request   202.187.250.142.in-addr.arpa

DNS  72 B / 110 B / 1 / 1
  DNS Request   76.176.96.172.in-addr.arpa

DNS  56 B / 148 B / 1 / 1
  DNS Request   g.bing.com
  DNS Response  150.171.27.10, 150.171.28.10

DNS  70 B / 133 B / 1 / 1
  DNS Request   83.210.23.2.in-addr.arpa

DNS  72 B / 158 B / 1 / 1
  DNS Request   10.27.171.150.in-addr.arpa

Connection (no label or requests captured)  204 B out, 3 packets out

DNS  70 B / 156 B / 1 / 1
  DNS Request   50.23.12.20.in-addr.arpa

DNS  71 B / 145 B / 1 / 1
  DNS Request   241.42.69.40.in-addr.arpa

DNS  74 B / 128 B / 1 / 1
  DNS Request   172.214.232.199.in-addr.arpa
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 2KB
MD5: d0d4b4629b594aa1fbf28f781c0ffedd
SHA1: b7ef14b835071d384e2054f229b8cf37ca48af41
SHA256: 95f36477c63802b1e9cf687c1ce5c343e3853ba72fd7995a906575f462fa839e
SHA512: 79256ccb70a5c3a94290ae8405bccdaf2d7afa07e6c66bcb76afe3c242957566fa70bdb16e6e65becaec1c66e8223a8c8d4c2a132148c537b1c3adec21660373

Filesize: 2B
MD5: d751713988987e9331980363e24189ce
SHA1: 97d170e1550eee4afc0af065b78cda302a97674c
SHA256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512: b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Filesize: 9KB
MD5: e13ab587af0ce38b979653c2fecbf8f1
SHA1: 698b6245579a400fcb9bf9876f7da869eb34af41
SHA256: ec028ad21c948be94ad16e66b374efb0a17ecb173033c39e04bf85c522ef6846
SHA512: 3b520e5132cc44a033707c95f9ccb1f3e07ebac435cdff121252c79993e883731494caedc9be180d201ad86337b31e8d6f96057a1d41551493dcb00a50f143a2

Filesize: 8KB
MD5: 2934621657e44be6b2a2dad307eaa310
SHA1: e7a288a477b10ae31caca8097f73e80d7d3f517a
SHA256: 25b42f3ed9a3ce3ac696178b08f340c689f6f70902c8816dbf690943af647df9
SHA512: 064ea289e4572b5240a1f4fdb0997bd5d754126e9f0f07feac3eec495860e30f18559335f5016ffbbb27fb89b0fcf4e6c6499251ca708e0aa42c6a3753094e56

Filesize: 8KB
MD5: 33f1604b1fc85afec2bc35966d67667c
SHA1: ea7d48ab9b74d14f0a3dc8eb8b63f0a7942dd7f5
SHA256: 1e7943e18932d958b59add7bbe6d1e144569ea5c6256ba0584f3469a25dd6cbc
SHA512: 0b9399315909538ecdbe63f8a84fd7873eaa530694cb182bf576c389799f8e9f1dc18b42d1fd58643b3949dc6ecff7148e6d3dc9a1039729944cb69d189a7cbc

Filesize: 9KB
MD5: 544b88eedd13a32b53521d526bbc14dd
SHA1: 471a32c90f4a43b01840346e487ad177450db1a0
SHA256: 1dd43b8894614457bf33e6db1113a03669ca3c0032f9a3519f3dbc7dea3b0bc0
SHA512: a17ca388b78c472977fb5a4043ca45c2188a977c6b22078c8e7b2e132e5642748342fbc63bddafbfba95c5a5855b06a61a0e4e3b84a6bf738410884e02b0ffc0

Filesize: 9KB
MD5: 6213d5d54a2e8ecb74dfc3afb9697f15
SHA1: ba5dce371d7596132c8290d8cd4f12d1be61fbda
SHA256: 1cc8a7026ee4296d6c0bc2d4039ec7421209ac88bc9da4515d91657e4fb03a6c
SHA512: 9dc5e4d833792dd0beb4d937cd4d5c372561b1bf6653e0a9093a3c4b6f7853c7bac4c838ae1f2b53cf6591fd2f0da29bf967947e7a622d177f277fefdaa52f74

Filesize: 8KB
MD5: cd8c25aad4032748ba62be69dd8ec6de
SHA1: 981d329fc7459d80e1f3fb2cb02d812aedecec31
SHA256: 3d94155c3caa97eba57728b1d2eb912fda3deaf1549f5db0d2e640d62b87b8e6
SHA512: de4066a07555568d4c1f5826d2461e7e65552a5714e615467e9d6a964d8205de005ef14b5f06d38a85e2e00b15d74a38eff2a1fe06fd7ab51b0988f15643190e

Filesize: 9KB
MD5: aed47c386e94fe0ff1c66191411cfa62
SHA1: b38a10b558c4a345616e4e03df4ff90601dca9d2
SHA256: c36ebcb28c98104a3d1749842975fd81e67372207345b5faa2b93767efe016e6
SHA512: 6649b8f730b440c745bcbb9aca33235d69ded8f2d037cb5b9fb8bdc229af2b40d3b5ba9c5af5ed026ed758158f7331bcdd0d675020595d32e7efbe5cfb2e9796

Filesize: 9KB
MD5: f633e2144cacd9c1b49d1e9428c93606
SHA1: 5b22a9ea38afeb7eec9e70f0b493f6b66d238a51
SHA256: 2d92cf47b8f9e8e7443d18018f61d65fdd9339f1569f4bf6fb778167f84df8f8
SHA512: 178ba2bf5044febb3bc6b1eaa74a0b099a49f913219d420182e8b2bc63eab28c8655a88dde61fe721f3294af1ba982b5ae98bfbbae4cc63afb10127534bca79b

Filesize: 9KB
MD5: 7d14fe9beca29fbfbc3258e7b2fb907e
SHA1: ebfbf12e5a43a23d19f506fcdf828220ec73488a
SHA256: 8fa42c5160deb48576086d5a06e6c1b0b756c69c63aa0299ed60f2ae40819ff4
SHA512: 8b665eb291dd94b34534175c18579469d9b23eb15e2d295ed0ae51ca5778c123f09f9bf68067bfe6f9fe35ef71673753506f2cc8e558aee77c69068c3954659e

Filesize: 9KB
MD5: 920955df25f38e32cc9535e749d4d0a7
SHA1: 3424b2d81dcf46786054038aa6fdc9eafc937be0
SHA256: 3416ed4cb19b9425651cb2c58090c647a6a130d25d05386385c4ce5d9ca93378
SHA512: 6124ecf8ddb50293449aee4575e73e4d30c5cb8652614100c5bc14b6e80f0be3bc1b5072aacf013c665a88bfbdd6e055155900d5ac4289e960449ff4768daf98

Filesize: 116KB
MD5: b824c76679dc02151490df7350589255
SHA1: b3a5f7ae9bfd54bd7ac0de9dc48b73270e687842
SHA256: 16a9da05916488415b62ea8d5a576d86d8037b42cc50b472f9b7d32ad2d1a3eb
SHA512: 89e2ae90536403224678a329fdbd11040bf1cf297a79fb1c98e7a60c41138666ce82cd054773ae086feaa2c821de706f5a898ed5fa22257f7ac32ccd2915d39c

Filesize: 116KB
MD5: b56b58da3e40ff57d74f6d83be14e908
SHA1: 2bdec8c03f1c085bbc7cf2ce0d953799833dec84
SHA256: fef50c789acb654bc03604efbb5e25491f2660b8ce72d0857a545ec85e38b3b3
SHA512: 8008922760d93572bfec69dec03b65f2c1af15b2153807dfe3397df026b83e2fe66e087987c27c3463fd144d2d63ded8dac39d7ad99b626fea9e944e994cb694