Report Overview
Submitted URL
vold.pcspeedcat.com/setupit/products/pcat/payloads/base-0722/pcspeedcat.zip
IP
52.57.136.98
ASN
#16509 AMAZON-02
Submitted
2024-04-23 10:01:23
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
13
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
vold.pcspeedcat.com | unknown | 2015-10-21 | 2017-04-21 | 2024-04-18 | 529 B | 1.0 MB | 52.57.136.98 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL
vold.pcspeedcat.com/setupit/products/pcat/payloads/base-0722/pcspeedcat.zip
IP
52.57.136.98
ASN
#16509 AMAZON-02
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.0 MB (1021069 bytes)
Hash
187837d6e7d3f8f370c3f852e05a6268
cb1b06b1f2425fc841de02ac0d3dcf0c0e0c677a
Archive (8)
Filename | Md5 | File type |
---|---|---|
PCSpeedCat.exe | 522c10d2699b5891d0949b529308b011 | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
res.res | 6619ab78d71dc18bb13ae63e9d3ef77f | MSVC .res |
wmi.exe | 97cfbf3bd2ee33d11d3bf37614a01688 | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections |
Runapp.exe | 961668280b897296b64ab55e55566074 | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
goup3.exe | bcbd603135b1b14876482b8379266f9c | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections |
gouninst.exe | 6d405c3e726f647bb796870c510d6d11 | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections |
EULA.txt | 4b77d72189e84d39d5ea079916d66fde | ASCII text, with very long lines (1635), with CRLF line terminators |
PCSpeedCat.ico | 5830636b2f06a230711ad998b0ba4b17 | MS Windows icon resource - 6 icons, -128x-128, 32 bits/pixel, 64x64, 32 bits/pixel |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
VirusTotal | malicious | |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
vold.pcspeedcat.com/setupit/products/pcat/payloads/base-0722/pcspeedcat.zip | 52.57.136.98 | 200 OK | 1.0 MB |
Detections
HTTP Headers