Report - ak.imgfarm.com/images/nocache/vicinio/205320000/206582528/1328896086803/VDC

Report Overview

Visitedpublic

2024-12-10 00:41:28

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
ak.imgfarm.com	291248	2001-11-12	2012-05-21	2024-12-07	540 B	6.7 MB	23.36.77.243

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-12-10	medium	ak.imgfarm.com/images/nocache/vicinio/205320000/206582528/1328896086803/VDC_Silent.exe	Detect files is `SliverFox` malware

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

ak.imgfarm.com/images/nocache/vicinio/205320000/206582528/1328896086803/VDC_Silent.exe

IP / ASN

23.36.77.243

#20940 Akamai International B.V.

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

Size6.7 MB (6721680 bytes)

MD57212092dbc62632838eeb85a85d322dd

SHA13ac315bed35a29f4bddb0047ee59ad54fd669ec3

SHA2560fccc5af66f5818604cbf6ae4c31ab6ea03c6a7eb09425117639118132388f7e

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware
VirusTotal	suspicious	VirusTotal - Scan result 9/69

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET ak.imgfarm.com/images/nocache/vicinio/205320000/206582528/1328896086803/VDC_Silent.exe

23.36.77.243

200 OK

6.7 MB

URL

ak.imgfarm.com/images/nocache/vicinio/205320000/206582528/1328896086803/VDC_Silent.exe

IP / ASN

23.36.77.243

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

First Seen2023-11-23

Last Seen2024-12-10

Times Seen5

Size6.7 MB (6721680 bytes)

MD57212092dbc62632838eeb85a85d322dd

SHA13ac315bed35a29f4bddb0047ee59ad54fd669ec3

SHA2560fccc5af66f5818604cbf6ae4c31ab6ea03c6a7eb09425117639118132388f7e

Certificate Info

IssuerLet's Encrypt

Subjectak.imgfarm.com

Fingerprint10:19:A9:A6:66:B3:1E:36:68:86:3F:75:DA:E0:93:D8:9D:E4:37:3C

ValidityWed, 13 Nov 2024 16:32:32 GMT - Tue, 11 Feb 2025 16:32:31 GMT

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware
VirusTotal	suspicious	VirusTotal - Scan result 9/69

HTTP Headers

GET /images/nocache/vicinio/205320000/206582528/1328896086803/VDC_Silent.exe HTTP/1.1
Host: ak.imgfarm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 10 Feb 2012 17:48:34 GMT
ETag: "669090-4b89fbcd18080"
Accept-Ranges: bytes
Content-Length: 6721680
Content-Type: application/octet-stream
Cache-Control: max-age=0
Expires: Tue, 10 Dec 2024 00:41:03 GMT
Date: Tue, 10 Dec 2024 00:41:03 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *