Report Overview
- Visited public2025-01-16 16:41:50Tags
- URL
coreavpn.net/docs/corea-v8.zip
- Finishing URL
about:privatebrowsing
- IP / ASN
220.93.109.68#4766 Korea Telecom
Titleabout:privatebrowsing
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| coreavpn.net | unknown | unknown | No data | No data | 484 B | 442 kB | 220.93.109.68 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
coreavpn.net/docs/corea-v8.zip
IP
220.93.109.68ASN
#4766 Korea Telecom
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
441 kB (441163 bytes)
Hash
ee8354a3a71abdabddb4ee6c36776c9d
5b4640b741fc330b0d354a0ddfe9111bdbea1469
Archive (1)
| Filename | Md5 | File type | ||||||
|---|---|---|---|---|---|---|---|---|
| corea-v8.exe | 9b0df1020cf9ec084cfc9d20b8088051
| PE32+ executable (GUI) x86-64, for MS Windows, 5 sections |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | detect_Redline_Stealer |
| VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
coreavpn.net/docs/corea-v8.zip | 220.93.109.68 | 200 OK | 441 kB | |||||||
Detections
HTTP Headers
| ||||||||||