Report Overview
Visitedpublic
2023-09-26 05:05:11
Tags
Submit Tags
URL
gotham.community/stealer/ProcessHider.dll
Finishing URL
about:privatebrowsing
IP / ASN
104.21.63.224
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
gotham.community 3 alert(s) on this Domain | unknown | 2023-08-20 | 2023-08-25 18:03:02 | 2023-09-25 13:43:54 | 497 B | 115 kB |  172.67.172.89 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2023-09-26 | medium | gotham.community/stealer/ProcessHider.dll | files - file ~tmp01925d3f.exe |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2023-09-26 | medium | gotham.community | Sinkholed |
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
gotham.community/stealer/ProcessHider.dll
IP / ASN
172.67.172.89
File Overview
File TypePE32+ executable (DLL) (GUI) x86-64, for MS Windows\012- data
Size115 kB (114688 bytes)
MD5d7ece32f05fa82c057abfe7a8577d8b5
SHA1e7acd9c2b424c6a512fce45f3611312a76b6c3f3
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
| VirusTotal | suspicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|