Report Overview
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
71.136.136.84:8080 | unknown | unknown | No data | No data | 395 B | 9.6 MB | 71.136.136.84 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert |
---|---|---|---|---|
2024-04-18 20:28:13 | medium | Client IP | 71.136.136.84 |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-18 | medium | 71.136.136.84 | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
71.136.136.84:8080/ai.zip
IP
71.136.136.84
ASN
#7018 ATT-INTERNET4
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
9.6 MB (9553381 bytes)
Hash
fea70b522ae9135114a04fe725c33d98
316dd77ea427b67267fcfc970361f1b397f3e4a6
Archive (4)
Filename | MD5 | File type |
---|---|---|
ai.exe | c3d5c9531019d95823357d761aeb74f1 | PE32+ executable (GUI) x86-64, for MS Windows, 7 sections |
animal_info.txt | 83011117485a98bec5f82f410e8a85e8 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators |
Options.txt | f10fdc1a27e6aa9618bf27419aebbbed | ASCII text, with CRLF line terminators |
User_Input.txt | 2095635ba8b24d4e259b90c30605056b | ASCII text, with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public InfoSec YARA rules | malware | Identifies executable converted using PyInstaller. |
JavaScript (0)
No Javascripts found
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
71.136.136.84:8080/ai.zip | 71.136.136.84 | | 9.6 MB |