Report Overview
Submitted URL
11.emwanptdown.wensya.cn:3020/xtzjw7-down/app/534.exe?tk=3ImMlVzNiRGZxIDM2MDZjhjMwEjM5MGZmZGO0cTZmVDfu9Gft92Yukmeph2YhxnMwMDO3EjNwcTM
IP
223.76.169.157ASN
#9808 China Mobile Communications Group Co., Ltd.
Submitted
2024-03-29 00:15:02
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| 11.emwanptdown.wensya.cn:3020 | unknown | unknown | No data | No data | 503 B | 1.4 MB | 223.76.169.157 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-03-29 | medium | 11.emwanptdown.wensya.cn:3020/xtzjw7-down/app/534.exe?tk=3ImMlVzNiRGZxIDM2MDZjhjMwEjM5MGZmZGO0cTZmVDfu9Gft92Yukmeph2YhxnMwMDO3EjNwcTM | meth_get_eip |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
11.emwanptdown.wensya.cn:3020/xtzjw7-down/app/534.exe?tk=3ImMlVzNiRGZxIDM2MDZjhjMwEjM5MGZmZGO0cTZmVDfu9Gft92Yukmeph2YhxnMwMDO3EjNwcTM
IP
223.76.169.157ASN
#9808 China Mobile Communications Group Co., Ltd.
File type
PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections
Size
1.4 MB (1385305 bytes)
Hash
e22f46d53a076a5bc38945476852ad00
8bb4f8684012b566f7b061859668930150150809
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | meth_get_eip |
| VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
11.emwanptdown.wensya.cn:3020/xtzjw7-down/app/534.exe?tk=3ImMlVzNiRGZxIDM2MDZjhjMwEjM5MGZmZGO0cTZmVDfu9Gft92Yukmeph2YhxnMwMDO3EjNwcTM | 223.76.169.157 | 200 OK | 1.4 MB | ||||||||||
Detections
HTTP Headers
| |||||||||||||