{"lang_id": "RU, CN", "RSA Public Key": "J1v92dmlHEXvTq5f5j3hHqD70axrY5eELvziRmk2ZRpplesdH60SWuvAeSoVjaz9ziV8nMt5HZ9yXir8qEhrqq8hQHTJhjrVOT9MbyGYWfZYzeSsY3rIzsZwtP29YyBAT1PpSvyXXlCPmJQXR5Q//8WQgOVDWmVCE+/SpgqvzveosdxnJtgxBktD7wgQNaGVGyH4OJZNZ9g7ljttRKxaL0JCbq13a39yNbpeHzFOy2LZ195Kd7DQep1KcpDmTFkXlvhDjwtk01EiI8xQCLM1y7h+pPXaP6XItJoqiCYUm0VCZWC2PaDptTz+jxtvWnkZONCsmfIGHURcctQ1Ek8LULijbdhGJZWpF2GtQXrTyK4=", "c2_domain": ["app10.laptok.at", "apt.feel500.at", "init.in100k.at"], "botnet": "1500", "server": "580", "serpent_key": "dHCsos5nQ1EGXxPs", "sleep_time": "10", "CONF_TIMEOUT": "20", "SetWaitableTimer_value": "10"}
| Source: 00000002.00000003.800171088.0000000000BB0000.00000040.00000001.sdmp | Malware Configuration Extractor: Ursnif {"lang_id": "RU, CN", "RSA Public Key": "J1v92dmlHEXvTq5f5j3hHqD70axrY5eELvziRmk2ZRpplesdH60SWuvAeSoVjaz9ziV8nMt5HZ9yXir8qEhrqq8hQHTJhjrVOT9MbyGYWfZYzeSsY3rIzsZwtP29YyBAT1PpSvyXXlCPmJQXR5Q//8WQgOVDWmVCE+/SpgqvzveosdxnJtgxBktD7wgQNaGVGyH4OJZNZ9g7ljttRKxaL0JCbq13a39yNbpeHzFOy2LZ195Kd7DQep1KcpDmTFkXlvhDjwtk01EiI8xQCLM1y7h+pPXaP6XItJoqiCYUm0VCZWC2PaDptTz+jxtvWnkZONCsmfIGHURcctQ1Ek8LULijbdhGJZWpF2GtQXrTyK4=", "c2_domain": ["app10.laptok.at", "apt.feel500.at", "init.in100k.at"], "botnet": "1500", "server": "580", "serpent_key": "dHCsos5nQ1EGXxPs", "sleep_time": "10", "CONF_TIMEOUT": "20", "SetWaitableTimer_value": "10"} |
| Source: a04.dll | Virustotal: Detection: 59% | Perma Link |
| Source: a04.dll | Metadefender: Detection: 17% | Perma Link |
| Source: a04.dll | ReversingLabs: Detection: 71% |
| Source: http://app10.laptok.at/KiETfhAdcEl7/hLoS0_2BEdS/nu4Yf9GnANVyXk/YgUltJ7zs6xEJ2nloxeBs/eATUXgJAO922GcgP/GiUgV17y_2BdX4O/qFWwhpMGMf37wi_2BX/lkJe3cdrN/7WVmaELlUteTQIErFhWc/URRkn6I1CeKadfr0Tg_/2BWPYNHHR_2F2UImJAlhjY/i7YonJ3Ydwnd_/2BgOgiB9/MYuujPMMxg18nymjpE2JqFD/0fVq8D9YsD/phg5UsKLZOQl7kqi1/VTS_2FsAFu3G/3TrEzzwsBKW/3MeaiWTLCHCZlD/OY9S51u3L9nBtrZ_2BZx7/0yqRxDj4x6MboGVE/Q0bFKfsJ98F/gfX | Avira URL Cloud: Label: malware |
| Source: http://app10.laptok.at/favicon.ico | Avira URL Cloud: Label: malware |
| Source: http://app10.laptok.at/tej6GHOV/2OZDNZM15j8d4LuzyBm1CPL/pFWNHMsgBq/Me_2BiCKfGmnsgtGg/Rke8C0lda6 | Avira URL Cloud: Label: malware |
| Source: http://app10.laptok.at/iyCuS9ekK6/ZKYlS2pL4_2F6YN5g/m2OzU2ez_2Fk/8F_2BnXwn7_/2BP90eUCGBXbRD/RIrhhRbI | Avira URL Cloud: Label: malware |
| Source: app10.laptok.at | Virustotal: Detection: 12% | Perma Link |
| Source: C:\Windows\System32\loaddll32.exe | Code function: 0_2_00FC35A1 CryptAcquireContextW,memcpy,CryptImportKey,CryptSetKeyParam,memcpy,CryptEncrypt,GetLastError,GetLastError,CryptDestroyKey,GetLastError,CryptReleaseContext,GetLastError, |
| Source: C:\Windows\SysWOW64\regsvr32.exe | Code function: 2_2_00A735A1 CryptAcquireContextW,memcpy,CryptImportKey,CryptSetKeyParam,memcpy,CryptEncrypt,GetLastError,GetLastError,CryptDestroyKey,GetLastError,CryptReleaseContext,GetLastError, |
| Source: a04.dll | Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL |
| Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe | File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll |
| Source: unknown | HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.4:49776 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.4:49775 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 104.26.7.139:443 -> 192.168.2.4:49790 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 104.26.7.139:443 -> 192.168.2.4:49791 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 172.67.69.19:443 -> 192.168.2.4:49806 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 172.67.69.19:443 -> 192.168.2.4:49807 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 172.217.168.38:443 -> 192.168.2.4:49804 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 172.217.168.38:443 -> 192.168.2.4:49805 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 142.250.203.98:443 -> 192.168.2.4:49811 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 142.250.203.98:443 -> 192.168.2.4:49810 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.156.81.187:443 -> 192.168.2.4:49813 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.156.81.187:443 -> 192.168.2.4:49812 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 35.244.174.68:443 -> 192.168.2.4:49815 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 35.244.174.68:443 -> 192.168.2.4:49814 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 76.223.111.131:443 -> 192.168.2.4:49820 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 76.223.111.131:443 -> 192.168.2.4:49819 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.195.217.206:443 -> 192.168.2.4:49822 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.195.217.206:443 -> 192.168.2.4:49823 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.197.99.6:443 -> 192.168.2.4:49836 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.197.99.6:443 -> 192.168.2.4:49835 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.156.0.31:443 -> 192.168.2.4:49838 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 18.156.0.31:443 -> 192.168.2.4:49837 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 151.101.1.44:443 -> 192.168.2.4:49851 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 151.101.1.44:443 -> 192.168.2.4:49847 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 151.101.1.44:443 -> 192.168.2.4:49848 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 151.101.1.44:443 -> 192.168.2.4:49850 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 151.101.1.44:443 -> 192.168.2.4:49849 version: TLS 1.2 |
| Source: unknown | HTTPS traffic detected: 151.101.1.44:443 -> 192.168.2.4:49852 version: TLS 1.2 |
| Source: a04.dll | Static PE information: DYNAMIC_BASE, NX_COMPAT |
| Source: | Binary string: c:\Month\quick-major\729\Key\key.pdb source: rundll32.exe, a04.dll |
| Source: C:\Windows\System32\loaddll32.exe | Code function: 0_2_00FC4E9C Wow64EnableWow64FsRedirection,RtlAllocateHeap,RtlAllocateHeap,RtlAllocateHeap,memset,CreateFileA,GetFileTime,CloseHandle,StrRChrA,lstrcat,FindFirstFileA,FindFirstFileA,CompareFileTime,CompareFileTime,FindClose,FindNextFileA,FindClose,FindFirstFileA,CompareFileTime,StrChrA,memcpy,FindNextFileA,FindClose,FindFirstFileA,CompareFileTime,FindClose,HeapFree,HeapFree, |
| Source: C:\Windows\SysWOW64\regsvr32.exe | Code function: 2_2_00A74E9C Wow64EnableWow64FsRedirection,RtlAllocateHeap,RtlAllocateHeap,RtlAllocateHeap,memset,CreateFileA,GetFileTime,FindCloseChangeNotification,StrRChrA,lstrcat,FindFirstFileA,FindFirstFileA,CompareFileTime,CompareFileTime,FindClose,FindNextFileA,FindClose,FindFirstFileA,CompareFileTime,StrChrA,memcpy,FindNextFileA,FindClose,FindFirstFileA,CompareFileTime,FindClose,HeapFree,HeapFree, |
| Source: Traffic | Snort IDS: 2033204 ET TROJAN Ursnif Variant CnC Beacon - URI Struct M2 (_2F) 192.168.2.4:49936 -> 87.106.18.141:80 |
| Source: Traffic | Snort IDS: 2033203 ET TROJAN Ursnif Variant CnC Beacon - URI Struct M1 (_2B) 192.168.2.4:49936 -> 87.106.18.141:80 |
| Source: Traffic | Snort IDS: 2033204 ET TROJAN Ursnif Variant CnC Beacon - URI Struct M2 (_2F) 192.168.2.4:49961 -> 87.106.18.141:80 |
| Source: Traffic | Snort IDS: 2033203 ET TROJAN Ursnif Variant CnC Beacon - URI Struct M1 (_2B) 192.168.2.4:49961 -> 87.106.18.141:80 |
| Source: Traffic | Snort IDS: 2033203 ET TROJAN Ursnif Variant CnC Beacon - URI Struct M1 (_2B) 192.168.2.4:49965 -> 87.106.18.141:80 |
| Source: Traffic | Snort IDS: 2033204 ET TROJAN Ursnif Variant CnC Beacon - URI Struct M2 (_2F) 192.168.2.4:49997 -> 87.106.18.141:80 |
| Source: Traffic | Snort IDS: 2033203 ET TROJAN Ursnif Variant CnC Beacon - URI Struct M1 (_2B) 192.168.2.4:49997 -> 87.106.18.141:80 |
| Source: Joe Sandbox View | JA3 fingerprint: 9e10692f1b7f78228b2d4e424db3a98c |
| Source: Joe Sandbox View | IP Address: 172.67.69.19 172.67.69.19 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49820 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49842 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49813 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49836 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49852 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49807 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49819 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49810 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49776 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49815 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49814 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49791 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49849 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49813 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49812 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49811 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49810 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49841 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49776 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49775 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49852 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49851 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49820 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49837 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49850 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49812 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49851 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49806 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49823 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49830 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49807 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49806 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49805 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49848 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49849 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49804 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49848 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49847 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49790 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49842 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49841 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49838 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49819 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49815 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49850 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49805 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49838 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49837 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49847 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49836 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49835 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49830 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49814 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49822 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49791 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49790 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49835 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49804 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49829 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49829 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49775 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 49811 -> 443 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49823 |
| Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49822 |
| Source: de-ch[1].htm.6.dr | String found in binary or memory: <a href="https://www.facebook.com/" target="_blank" data-piitxt="facebooklite" piiurl="https://www.facebook.com/"> equals www.facebook.com (Facebook) |
| Source: msapplication.xml0.4.dr | String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x897ba4cc,0x01d7bb82</date><accdate>0x897ba4cc,0x01d7bb82</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook) |
| Source: msapplication.xml0.4.dr | String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x897ba4cc,0x01d7bb82</date><accdate>0x897ba4cc,0x01d7bb82</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook) |
| Source: msapplication.xml5.4.dr | String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x897ba4cc,0x01d7bb82</date><accdate>0x897ba4cc,0x01d7bb82</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter) |
| Source: msapplication.xml5.4.dr | String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x897ba4cc,0x01d7bb82</date><accdate>0x897ba4cc,0x01d7bb82</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter) |
| Source: msapplication.xml7.4.dr | String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x897ba4cc,0x01d7bb82</date><accdate>0x897ba4cc,0x01d7bb82</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube) |
| Source: msapplication.xml7.4.dr | String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x897ba4cc,0x01d7bb82</date><accdate>0x897ba4cc,0x01d7bb82</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube) |
| Source: de-ch[1].htm.6.dr | String found in binary or memory: <link rel="preconnect" href="img-s-msn-com.akamaized.net" /><link rel="preconnect" href="c.msn.com" /><link rel="preconnect" href="c.msn.cn" /><link rel="preconnect" href="https://www.bing.com" /><link rel="preconnect" href="//web.vortex.data.msn.com" /><link rel="dns-prefetch" href="img-s-msn-com.akamaized.net" /><link rel="dns-prefetch" href="c.msn.com" /><link rel="dns-prefetch" href="c.msn.cn" /><link rel="dns-prefetch" href="https://www.bing.com" /><link rel="dns-prefetch" href="//web.vortex.data.msn.com" /><link rel="canonical" href="https://www.msn.com/de-ch/" /><meta name="msapplication-TileColor" content="#224f7b"/><meta name="msapplication-TileImage" content="//static-global-s-msn-com.akamaized.net/hp-neu/sc/1f/08ced4.png"/><meta name="msapplication-config" content="none"/> <title>MSN Schweiz | Sign in Hotmail, Outlook Login, Windows Live, Office 365</title> equals www.hotmail.com (Hotmail) |
| Source: 52-478955-68ddb2ab[1].js.6.dr | String found in binary or memory: glich.",errorFooterText:"Zu Twitter wechseln",taskLinks:"Benachrichtigungen|https://twitter.com/i/notifications;Ich|#;Abmelden|#"}],xbox:[{header:"Spotlight",content:"",footerText:"Alle anzeigen",footerUrl:"",taskLinks:"me_groove_taskLinks_store|https://www.microsoft.com/store/media/redirect/music?view=hub;me_groove_taskLinks_play|https://aka.ms/Ixhi8e;me_groove_taskLinks_try|https://aka.ms/msvmj1"},{header:"Meine tolle Wiedergabeliste",headerUrl:"https://aka.ms/qeqf5y",content:"",errorMessage:"",taskLinks:"me_groove_taskLinks_store|https://www.microsoft.com/store/media/redirect/music?view=hub;me_groove_taskLinks_play|https://aka.ms/Ixhi8e;me_groove_taskLinks_try|https://aka.ms/msvmj1"}],bingrewards:[{header:"Pr equals www.twitter.com (Twitter) |
| Source: de-ch[1].htm.6.dr | String found in binary or memory: hren, die sich auf Ihren Internetdatenverkehr auswirken.<br/><br/><a href=\""+e.html(f)+'" onclick="window.location.reload(true)">Klicken Sie hier<\/a> um diese Seite erneut zu laden, oder besuchen Sie: <a href="'+i+'">'+i+"<\/a><\/p><\/div><div id='errorref'><span>Ref 1: "+e.html(o(t.clientSettings.aid))+" Ref 2: "+e.html(t.clientSettings.sid||"000000")+" Ref 3: "+e.html((new r.Date).toUTCString())+"<\/span><\/div><\/div>"});ot({errId:1512,errMsg:n})}function ot(n){require(["track"],function(t){var i={errId:n.errId,errMsg:n.errMsg,reportingType:0};t.trackAppErrorEvent(i)})}function tt(){var n=v(arguments);a(l(n,b),n,!0)}function st(){var n=v(arguments);a(l(n,h),n)}function ht(){var n=v(arguments);a(l(n,y),n)}function ct(n){(r.console||{}).timeStamp?console.timeStamp(n):(r.performance||{}).mark&&r.performance.mark(n)}var w=0,it=-1,b=0,h=1,y=2,s=[],p,k,rt,o,d=!1,c=Math.random()*100<=-1;return ut(r,function(n,t,i,r){return w++,n=nt(n,t,i,r," [ENDMESSAGE]"),n&&tt("[SCRIPTERROR] "+n),!0}),c&&require(["jquery","c.deferred"],function(n){k=!0;rt=n;s.length&&g()}),{error:tt,fatalError:et,unhandledErrorCount:function(){return w},perfMark:ct,warning:st,information:ht}});require(["viewAwareInit"],function(n){n({size2row:"(min-height: 48.75em)",size1row:"(max-height: 48.74em)",size4column:"(min-width: 72em)",size3column:"(min-width: 52.313em) and (max-width: 71.99em)",size2column:"(min-width: 43.75em) and (max-width: 52.303em)",size2rowsize4column:"(min-width: 72em) and (min-height: 48.75em)",size2rowsize3column:"(min-width: 52.313em) and (max-width: 71.99em) and (min-height: 48.75em)",size2rowsize2column:"(max-width: 52.303em) and (min-height: 48.75em)",size1rowsize4column:"(min-width: 72em) and (max-height: 48.74em)",size1rowsize3column:"(min-width: 52.313em) and (max-width: 71.99em) and (max-height: 48.74em)",size1rowsize2column:"(max-width: 52.303em) and (max-height: 48.74em)"})});require(["deviceInit"],function(n){n({AllowTransform3d:"false",AllowTransform2d:"true",RtlScrollLeftAdjustment:"none",ShowMoveTouchGestures:"true",SupportFixedPosition:"true",UseCustomMatchMedia:null,Viewport_Behavior:"Default",Viewport_Landscape:null,Viewport:"width=device-width,initial-scale=1.0",IsMobileDevice:"false"})})</script><meta property="sharing_url" content="https://www.msn.com/de-ch"/><meta property="og:url" content="https://www.msn.com/de-ch/"/><meta property="og:title" content="MSN Schweiz | Sign in Hotmail, O |
Play interactive tour
Edit tour
