Report Overview

  1. Submitted URL

    mercurimanangere.ddnsking.com/madamwebfitonasabase6444.txt

  2. IP

    192.3.101.142

    ASN

    #36352 AS-COLOCROSSING

  3. Submitted

    2024-05-08 18:39:05

    Access

    public

  4. Website Title

    mercurimanangere.ddnsking.com/madamwebfitonasabase6444.txt

  5. Final URL

    mercurimanangere.ddnsking.com/madamwebfitonasabase6444.txt

  6. Tags

  7. urlquery detections

    Suspicious - Base64 encoded file

    Suspicious - DynDNS domain

Detections

  2. urlquery

    5

  3. Network Intrusion Detection

    0

  4. Threat Detection Systems

    2

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
mercurimanangere.ddnsking.comunknownunknownNo dataNo data

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules
SeverityIndicatorAlert
mediummercurimanangere.ddnsking.com/madamwebfitonasabase6444.txtDetects an base64 encoded executable with reversed characters

OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    mercurimanangere.ddnsking.com/madamwebfitonasabase6444.txt

  2. IP

    192.3.101.142

  3. ASN

    #36352 AS-COLOCROSSING

  1. File type

    PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

    Size

    246 kB (246272 bytes)

  2. Hash

    eb34eabec4f015fb2c9d8949545dc480

    88a60a7b15406d5fee25f5c174ad0547f6d8bca9

    Detections

    AnalyzerVerdictAlert
    VirusTotalmalicious
    VirusTotal - Scan result 56/72

JavaScript (0)

HTTP Transactions (2)

URLIPResponseSize
mercurimanangere.ddnsking.com/madamwebfitonasabase6444.txt
192.3.101.142200 OK112 kB
mercurimanangere.ddnsking.com/favicon.ico
192.3.101.142404 Not Found1.2 kB