Report Overview
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
5.42.65.64 | unknown | unknown | 2023-12-07 | 2024-04-14 | 399 B | 74 kB | 5.42.65.64 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert |
---|---|---|---|---|
2024-04-20 11:00:50 | low | 5.42.65.64 | Client IP | |
2024-04-20 11:00:50 | high | 5.42.65.64 | Client IP | |
2024-04-20 11:00:50 | medium | 5.42.65.64 | Client IP | |
2024-04-20 11:00:50 | low | 5.42.65.64 | Client IP |
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-20 | medium | 5.42.65.64/files/msgbox2.file | files - file ~tmp01925d3f.exe |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-20 | medium | 5.42.65.64 | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
5.42.65.64/files/msgbox2.file
IP
5.42.65.64
ASN
#210352 Partner LLC
File type
PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size
74 kB (74240 bytes)
Hash
65ea5410c5869dd9aa8511bdbeaab5bd
cdd0d5e4bfae2d9d5e8f9b300c1e7bf6050196da
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
VirusTotal | malicious |
JavaScript (0)
No Javascripts found
No Javascripts found
No Javascripts found
HTTP Transactions (1)
URL | IP | Response | Size | ||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
5.42.65.64/files/msgbox2.file | 5.42.65.64 | 74 kB | |||||||||||||||||||||||||||||
Detections
HTTP Headers
| |||||||||||||||||||||||||||||||