Report - www.macrosilicon.com:9080/download/USBDisplay/Windows/Installer/V31/WinUSBDisplay_Windows

Report Overview

Visited public
2024-10-20 19:06:09
Tags
URL
www.macrosilicon.com:9080/download/USBDisplay/Windows/Installer/V31/WinUSBDisplay_Windows_V3.1.9.82.exe
Finishing URL
about:privatebrowsing
IP / ASN
60.174.195.2
#4134 Chinanet
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.macrosilicon.com	unknown	unknown	No data	No data	473 B	4.4 MB	60.174.195.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-10-20 19:05:46	high	60.174.195.2	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-10-20	medium	www.macrosilicon.com:9080/download/USBDisplay/Windows/Installer/V31/WinUSBDisplay_Windows_V3.1.9.82.exe	pe_detect_tls_callbacks

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.macrosilicon.com:9080/download/USBDisplay/Windows/Installer/V31/WinUSBDisplay_Windows_V3.1.9.82.exe
IP
60.174.195.2
ASN
#4134 Chinanet

File type
PE32 executable (GUI) Intel 80386, for MS Windows, 10 sections
Size
4.4 MB (4415616 bytes)
Hash
f19fc0f69c8fb79c3b292d768246dca9
5e7d729c6b817e88ee1a78e8d38e9607392ba317
a943a9c57b5a172dc815181fa4aba99b7a77be37ac2ed5a90384f5260a8fa846

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.macrosilicon.com:9080/download/USBDisplay/Windows/Installer/V31/WinUSBDisplay_Windows_V3.1.9.82.exe

60.174.195.2

200 OK

4.4 MB

URL User Request GET HTTP/1.1
www.macrosilicon.com:9080/download/USBDisplay/Windows/Installer/V31/WinUSBDisplay_Windows_V3.1.9.82.exe
IP
60.174.195.2:9080
ASN
#4134 Chinanet

File type
PE32 executable (GUI) Intel 80386, for MS Windows, 10 sections
Size
4.4 MB (4415616 bytes)
Hash
f19fc0f69c8fb79c3b292d768246dca9
5e7d729c6b817e88ee1a78e8d38e9607392ba317
a943a9c57b5a172dc815181fa4aba99b7a77be37ac2ed5a90384f5260a8fa846

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks

HTTP Headers

GET /download/USBDisplay/Windows/Installer/V31/WinUSBDisplay_Windows_V3.1.9.82.exe HTTP/1.1
Host: www.macrosilicon.com:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 20 Oct 2024 19:05:46 GMT
Content-Type: application/octet-stream
Content-Length: 4415616
Last-Modified: Wed, 24 Jan 2024 01:29:40 GMT
Connection: keep-alive
ETag: "65b06804-436080"
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers