Resubmissions

11/12/2024, 18:37 UTC

241211-w9f3rstpez 10

11/12/2024, 18:28 UTC

241211-w4jayatnat 10

Analysis

  • max time kernel
    124s
  • max time network
    132s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20241211-en
  • resource tags

    arch:x64, arch:x86, image:win10ltsc2021-20241211-en, locale:en-us, os:windows10-ltsc 2021-x64, system
  • submitted
    11/12/2024, 18:28 UTC

General

  • Target

    Inspectors/QWhale.Syntax.Schemes.dll

  • Size

    284KB

  • MD5

    681abb88692a8d2662c527eab350744b

  • SHA1

    58bf5fdfa668c2add65a6b7edbb43eab47648821

  • SHA256

    9ad5749ba1914101cd4cf2736d0e74bbb8c7abbe93fd5e83377d5cbf33ddb78d

  • SHA512

    5f2a370b4bd64e03469ddaa90b7ebd75e588033dbe48ae1b111fa537e56aa13b5bd7e067126d3cc543faf45cd0595ea2355d8fa412197b61f18754e4f9876823

  • SSDEEP

    1536:/YiCDgqGqtbeBLmTnNLUSgk9NPOEbg0hIc2Vrl2XuPtlPpXB1sJOm8M93f2AkkgW:abMmTnNLUSgk9NPOEL2Wg1TOV

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Inspectors\QWhale.Syntax.Schemes.dll,#1
    1⤵
      PID:508
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations=is-enterprise-managed=no --field-trial-handle=4084,i,9196809988335597270,13533469875825522379,262144 --variations-seed-version --mojo-platform-channel-handle=4200 /prefetch:8
      1⤵
        PID:3940
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --field-trial-handle=3212,i,9196809988335597270,13533469875825522379,262144 --variations-seed-version --mojo-platform-channel-handle=5168 /prefetch:8
        1⤵
          PID:380
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations=is-enterprise-managed=no --field-trial-handle=784,i,9196809988335597270,13533469875825522379,262144 --variations-seed-version --mojo-platform-channel-handle=3228 /prefetch:8
          1⤵
            PID:4844

          Network

          • flag-us
            DNS
            138.32.126.40.in-addr.arpa
            Remote address:
            8.8.8.8:53
            Request
            138.32.126.40.in-addr.arpa
            IN PTR
            Response
          • flag-us
            DNS
            95.221.229.192.in-addr.arpa
            Remote address:
            8.8.8.8:53
            Request
            95.221.229.192.in-addr.arpa
            IN PTR
            Response
          • flag-us
            DNS
            edge.microsoft.com
            Remote address:
            8.8.8.8:53
            Request
            edge.microsoft.com
            IN A
            Response
            edge.microsoft.com
            IN CNAME
            edge-microsoft-com.dual-a-0036.a-msedge.net
            edge-microsoft-com.dual-a-0036.a-msedge.net
            IN CNAME
            dual-a-0036.a-msedge.net
            dual-a-0036.a-msedge.net
            IN A
            204.79.197.239
            dual-a-0036.a-msedge.net
            IN A
            13.107.21.239
          • flag-us
            DNS
            edge.microsoft.com
            Remote address:
            8.8.8.8:53
            Request
            edge.microsoft.com
            IN Unknown
            Response
            edge.microsoft.com
            IN CNAME
            edge-microsoft-com.dual-a-0036.a-msedge.net
          • flag-us
            DNS
            edgeassetservice.azureedge.net
            Remote address:
            8.8.8.8:53
            Request
            edgeassetservice.azureedge.net
            IN A
            Response
            edgeassetservice.azureedge.net
            IN CNAME
            edgeassetservice.afd.azureedge.net
            edgeassetservice.afd.azureedge.net
            IN CNAME
            azureedge-t-prod.trafficmanager.net
            azureedge-t-prod.trafficmanager.net
            IN CNAME
            shed.dual-low.s-part-0036.t-0009.t-msedge.net
            shed.dual-low.s-part-0036.t-0009.t-msedge.net
            IN CNAME
            s-part-0036.t-0009.t-msedge.net
            s-part-0036.t-0009.t-msedge.net
            IN A
            13.107.246.64
          • flag-us
            DNS
            edgeassetservice.azureedge.net
            Remote address:
            8.8.8.8:53
            Request
            edgeassetservice.azureedge.net
            IN Unknown
            Response
            edgeassetservice.azureedge.net
            IN CNAME
            edgeassetservice.afd.azureedge.net
            edgeassetservice.afd.azureedge.net
            IN CNAME
            azureedge-t-prod.trafficmanager.net
            azureedge-t-prod.trafficmanager.net
            IN CNAME
            shed.dual-low.s-part-0036.t-0009.t-msedge.net
            shed.dual-low.s-part-0036.t-0009.t-msedge.net
            IN CNAME
            s-part-0036.t-0009.t-msedge.net
          • flag-gb
            HEAD
            http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
            Remote address:
            2.20.12.95:80
            Request
            HEAD /filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d HTTP/1.1
            Connection: Keep-Alive
            Accept: */*
            Accept-Encoding: identity
            User-Agent: Microsoft BITS/7.8
            Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
          • flag-us
            DNS
            43.229.111.52.in-addr.arpa
            Remote address:
            8.8.8.8:53
            Request
            43.229.111.52.in-addr.arpa
            IN PTR
            Response
          • flag-us
            DNS
            73.144.22.2.in-addr.arpa
            Remote address:
            8.8.8.8:53
            Request
            73.144.22.2.in-addr.arpa
            IN PTR
            Response
            73.144.22.2.in-addr.arpa
            IN PTR
            a2-22-144-73.deploy.static.akamaitechnologies.com
          • flag-us
            DNS
            msedge.b.tlu.dl.delivery.mp.microsoft.com
            Remote address:
            8.8.8.8:53
            Request
            msedge.b.tlu.dl.delivery.mp.microsoft.com
            IN A
            Response
            msedge.b.tlu.dl.delivery.mp.microsoft.com
            IN CNAME
            star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
            star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com
            IN CNAME
            cdp-f-tlu-net.trafficmanager.net
            cdp-f-tlu-net.trafficmanager.net
            IN CNAME
            fg.microsoft.map.fastly.net
            fg.microsoft.map.fastly.net
            IN A
            199.232.210.172
            fg.microsoft.map.fastly.net
            IN A
            199.232.214.172
          • flag-us
            HEAD
            http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
            Remote address:
            199.232.210.172:80
            Request
            HEAD /filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d HTTP/1.1
            Connection: Keep-Alive
            Accept: */*
            Accept-Encoding: identity
            User-Agent: Microsoft BITS/7.8
            Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
            Response
            HTTP/1.1 200 OK
            Connection: keep-alive
            Content-Length: 4448586
            Cache-Control: public, max-age=17280000
            Content-Type: application/x-chrome-extension
            Last-Modified: Tue, 03 Dec 2024 10:36:31 GMT
            ETag: "b8p/pTyDLfK6t4obMRNRbv4MCDA="
            MS-CorrelationId: 228f3c50-2747-496a-974e-b28729e1075a
            MS-RequestId: 31c0ed07-dc00-462b-976c-4972922f9047
            MS-CV: j6fbaIOanUK/tMSP.0
            Accept-Ranges: bytes
            Date: Wed, 11 Dec 2024 18:30:30 GMT
            Via: 1.1 varnish
            Age: 150743
            X-Served-By: cache-lcy-eglc8600040-LCY
            X-Cache: HIT
            X-Cache-Hits: 2802
            X-Timer: S1733941830.367473,VS0,VE0
            X-CID: 3
            X-CCC: GB
          • flag-us
            GET
            http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
            Remote address:
            199.232.210.172:80
            Request
            GET /filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d HTTP/1.1
            Connection: Keep-Alive
            Accept: */*
            Accept-Encoding: identity
            If-Unmodified-Since: Tue, 03 Dec 2024 10:36:31 GMT
            Range: bytes=0-601301
            User-Agent: Microsoft BITS/7.8
            Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
            Response
            HTTP/1.1 206 Partial Content
            Connection: keep-alive
            Content-Length: 601302
            Cache-Control: public, max-age=17280000
            Content-Type: application/x-chrome-extension
            Last-Modified: Tue, 03 Dec 2024 10:36:31 GMT
            ETag: "b8p/pTyDLfK6t4obMRNRbv4MCDA="
            MS-CorrelationId: 228f3c50-2747-496a-974e-b28729e1075a
            MS-RequestId: 31c0ed07-dc00-462b-976c-4972922f9047
            MS-CV: j6fbaIOanUK/tMSP.0
            Accept-Ranges: bytes
            Date: Wed, 11 Dec 2024 18:30:30 GMT
            Via: 1.1 varnish
            Age: 150743
            X-Served-By: cache-lcy-eglc8600040-LCY
            X-Cache: HIT
            X-Cache-Hits: 2803
            X-Timer: S1733941830.440543,VS0,VE0
            X-CID: 3
            X-CCC: GB
            Content-Range: bytes 0-601301/4448586
          • flag-us
            GET
            http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
            Remote address:
            199.232.210.172:80
            Request
            GET /filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d HTTP/1.1
            Connection: Keep-Alive
            Accept: */*
            Accept-Encoding: identity
            If-Unmodified-Since: Tue, 03 Dec 2024 10:36:31 GMT
            Range: bytes=601302-2093053
            User-Agent: Microsoft BITS/7.8
            Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
            Response
            HTTP/1.1 206 Partial Content
            Connection: keep-alive
            Content-Length: 1491752
            Cache-Control: public, max-age=17280000
            Content-Type: application/x-chrome-extension
            Last-Modified: Tue, 03 Dec 2024 10:36:31 GMT
            ETag: "b8p/pTyDLfK6t4obMRNRbv4MCDA="
            MS-CorrelationId: 228f3c50-2747-496a-974e-b28729e1075a
            MS-RequestId: 31c0ed07-dc00-462b-976c-4972922f9047
            MS-CV: j6fbaIOanUK/tMSP.0
            Accept-Ranges: bytes
            Date: Wed, 11 Dec 2024 18:30:31 GMT
            Via: 1.1 varnish
            Age: 150744
            X-Served-By: cache-lcy-eglc8600040-LCY
            X-Cache: HIT
            X-Cache-Hits: 2805
            X-Timer: S1733941832.505556,VS0,VE0
            X-CID: 3
            X-CCC: GB
            Content-Range: bytes 601302-2093053/4448586
          • flag-us
            GET
            http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
            Remote address:
            199.232.210.172:80
            Request
            GET /filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d HTTP/1.1
            Connection: Keep-Alive
            Accept: */*
            Accept-Encoding: identity
            If-Unmodified-Since: Tue, 03 Dec 2024 10:36:31 GMT
            Range: bytes=2093054-4448585
            User-Agent: Microsoft BITS/7.8
            Host: msedge.b.tlu.dl.delivery.mp.microsoft.com
            Response
            HTTP/1.1 206 Partial Content
            Connection: keep-alive
            Content-Length: 2355532
            Cache-Control: public, max-age=17280000
            Content-Type: application/x-chrome-extension
            Last-Modified: Tue, 03 Dec 2024 10:36:31 GMT
            ETag: "b8p/pTyDLfK6t4obMRNRbv4MCDA="
            MS-CorrelationId: 228f3c50-2747-496a-974e-b28729e1075a
            MS-RequestId: 31c0ed07-dc00-462b-976c-4972922f9047
            MS-CV: j6fbaIOanUK/tMSP.0
            Accept-Ranges: bytes
            Date: Wed, 11 Dec 2024 18:30:32 GMT
            Via: 1.1 varnish
            Age: 564468
            X-Served-By: cache-lcy-eglc8600040-LCY
            X-Cache: HIT
            X-Cache-Hits: 105197
            X-Timer: S1733941833.564069,VS0,VE0
            X-CID: 3
            X-CCC: GB
            Content-Range: bytes 2093054-4448585/4448586
          • flag-us
            DNS
            172.210.232.199.in-addr.arpa
            Remote address:
            8.8.8.8:53
            Request
            172.210.232.199.in-addr.arpa
            IN PTR
            Response
          • flag-us
            DNS
            edge.microsoft.com
            Remote address:
            8.8.8.8:53
            Request
            edge.microsoft.com
            IN A
            Response
            edge.microsoft.com
            IN CNAME
            edge-microsoft-com.dual-a-0036.a-msedge.net
            edge-microsoft-com.dual-a-0036.a-msedge.net
            IN CNAME
            dual-a-0036.a-msedge.net
            dual-a-0036.a-msedge.net
            IN A
            204.79.197.239
            dual-a-0036.a-msedge.net
            IN A
            13.107.21.239
          • flag-us
            DNS
            edge.microsoft.com
            Remote address:
            8.8.8.8:53
            Request
            edge.microsoft.com
            IN Unknown
            Response
            edge.microsoft.com
            IN CNAME
            edge-microsoft-com.dual-a-0036.a-msedge.net
          • flag-us
            DNS
            26.178.89.13.in-addr.arpa
            Remote address:
            8.8.8.8:53
            Request
            26.178.89.13.in-addr.arpa
            IN PTR
            Response
          • flag-us
            DNS
            edge.microsoft.com
            Remote address:
            8.8.8.8:53
            Request
            edge.microsoft.com
            IN A
            Response
            edge.microsoft.com
            IN CNAME
            edge-microsoft-com.dual-a-0036.a-msedge.net
            edge-microsoft-com.dual-a-0036.a-msedge.net
            IN CNAME
            dual-a-0036.a-msedge.net
            dual-a-0036.a-msedge.net
            IN A
            13.107.21.239
            dual-a-0036.a-msedge.net
            IN A
            204.79.197.239
          • flag-us
            DNS
            edge.microsoft.com
            Remote address:
            8.8.8.8:53
            Request
            edge.microsoft.com
            IN Unknown
            Response
            edge.microsoft.com
            IN CNAME
            edge-microsoft-com.dual-a-0036.a-msedge.net
          • 204.79.197.239:443
            edge.microsoft.com
            tls
            3.6kB
            8.4kB
            19
            22
          • 13.107.246.64:443
            edgeassetservice.azureedge.net
            tls
            23.0kB
            1.2MB
            435
            839
          • 2.20.12.95:80
            http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
            http
            395 B
            40 B
            1
            1

            HTTP Request

            HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
          • 204.79.197.239:443
            edge.microsoft.com
            46 B
            40 B
            1
            1
          • 204.79.197.239:443
            edge.microsoft.com
            46 B
            40 B
            1
            1
          • 199.232.210.172:80
            http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d
            http
            110.4kB
            4.6MB
            2109
            3301

            HTTP Request

            HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d

            HTTP Response

            200

            HTTP Request

            GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d

            HTTP Response

            206

            HTTP Request

            GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d

            HTTP Response

            206

            HTTP Request

            GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/9ff6323b-be21-4d0a-848f-4e609840e48d?P1=1734502692&P2=404&P3=2&P4=DHzxgcVyOraMgfL0ccPLX8Qzrtflz85WgR6eTdz%2fs%2bhhAsaDj%2fHCmj92SF0w68rCQe8oP9ns3SM3gLSIXALxNQ%3d%3d

            HTTP Response

            206
          • 204.79.197.239:443
            edge.microsoft.com
            tls
            4.7kB
            7.8kB
            16
            19
          • 8.8.8.8:53
            138.32.126.40.in-addr.arpa
            dns
            72 B
            158 B
            1
            1

            DNS Request

            138.32.126.40.in-addr.arpa

          • 8.8.8.8:53
            95.221.229.192.in-addr.arpa
            dns
            73 B
            144 B
            1
            1

            DNS Request

            95.221.229.192.in-addr.arpa

          • 8.8.8.8:53
            edge.microsoft.com
            dns
            64 B
            167 B
            1
            1

            DNS Request

            edge.microsoft.com

            DNS Response

            204.79.197.239
            13.107.21.239

          • 8.8.8.8:53
            edge.microsoft.com
            dns
            64 B
            168 B
            1
            1

            DNS Request

            edge.microsoft.com

          • 8.8.8.8:53
            edgeassetservice.azureedge.net
            dns
            76 B
            243 B
            1
            1

            DNS Request

            edgeassetservice.azureedge.net

            DNS Response

            13.107.246.64

          • 8.8.8.8:53
            edgeassetservice.azureedge.net
            dns
            76 B
            287 B
            1
            1

            DNS Request

            edgeassetservice.azureedge.net

          • 8.8.8.8:53
            43.229.111.52.in-addr.arpa
            dns
            72 B
            158 B
            1
            1

            DNS Request

            43.229.111.52.in-addr.arpa

          • 8.8.8.8:53
            73.144.22.2.in-addr.arpa
            dns
            70 B
            133 B
            1
            1

            DNS Request

            73.144.22.2.in-addr.arpa

          • 8.8.8.8:53
            msedge.b.tlu.dl.delivery.mp.microsoft.com
            dns
            87 B
            266 B
            1
            1

            DNS Request

            msedge.b.tlu.dl.delivery.mp.microsoft.com

            DNS Response

            199.232.210.172
            199.232.214.172

          • 8.8.8.8:53
            172.210.232.199.in-addr.arpa
            dns
            74 B
            128 B
            1
            1

            DNS Request

            172.210.232.199.in-addr.arpa

          • 8.8.8.8:53
            edge.microsoft.com
            dns
            64 B
            167 B
            1
            1

            DNS Request

            edge.microsoft.com

            DNS Response

            204.79.197.239
            13.107.21.239

          • 8.8.8.8:53
            edge.microsoft.com
            dns
            64 B
            168 B
            1
            1

            DNS Request

            edge.microsoft.com

          • 8.8.8.8:53
            26.178.89.13.in-addr.arpa
            dns
            71 B
            145 B
            1
            1

            DNS Request

            26.178.89.13.in-addr.arpa

          • 8.8.8.8:53
            edge.microsoft.com
            dns
            64 B
            167 B
            1
            1

            DNS Request

            edge.microsoft.com

            DNS Response

            13.107.21.239
            204.79.197.239

          • 8.8.8.8:53
            edge.microsoft.com
            dns
            64 B
            168 B
            1
            1

            DNS Request

            edge.microsoft.com

          MITRE ATT&CK Matrix
