Report Overview
- Visited public2025-02-10 06:11:27Tags
- URL
reducbabmaytgout.duckdns.org/bins/Hgf.m68k
- Finishing URL
about:privatebrowsing
- IP / ASN
193.143.1.124#198953 Proton66 OOO
Titleabout:privatebrowsing Suspicious - DynDNS domain
Detections
urlquery
2
Network Intrusion Detection
2
Threat Detection Systems
10
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| reducbabmaytgout.duckdns.org | unknown | 2013-04-12 | 2025-01-31 | 2025-02-09 | 424 B | 56 kB | 193.143.1.124 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| 2025-02-10 06:10:57 | medium | Client IP | 193.143.1.124 | |
| 2025-02-10 06:10:57 | high | 193.143.1.124 | Client IP |
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-02-10 | medium | reducbabmaytgout.duckdns.org/bins/Hgf.m68k | Detects Mirai Botnet Malware |
| 2025-02-10 | medium | reducbabmaytgout.duckdns.org/bins/Hgf.m68k | Linux.Trojan.Mirai |
| 2025-02-10 | medium | reducbabmaytgout.duckdns.org/bins/Hgf.m68k | Linux.Trojan.Mirai |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-02-10 | medium | reducbabmaytgout.duckdns.org | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
reducbabmaytgout.duckdns.org/bins/Hgf.m68k
IP
193.143.1.124ASN
#198953 Proton66 OOO
File type
ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV)
Size
56 kB (56084 bytes)
Hash
e30d7bf6bbb73922ce3cff4f748c3ef0
5b159517deaa1da3e0cd42385562874bf90cf524
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | Detects Mirai Botnet Malware |
| Elastic Security YARA Rules | malware | Linux.Trojan.Mirai |
| Elastic Security YARA Rules | malware | Linux.Trojan.Mirai |
| VirusTotal | malicious | |
| ClamAV | malicious | Unix.Trojan.Mirai-6981989-0 |
JavaScript (0)
No Javascripts found
No Javascripts found
No Javascripts found
HTTP Transactions (1)
| URL | IP | Response | Size | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
reducbabmaytgout.duckdns.org/bins/Hgf.m68k | 193.143.1.124 | 200 OK | 56 kB | ||||||||||||||||||||||||||||||||||
Detections
HTTP Headers
| |||||||||||||||||||||||||||||||||||||