Report Overview
Visitedpublic
2025-02-14 17:08:07
Tags
Submit Tags
URL
www.warbotpoker.com/roomsettings/888%20Poker/888resizerAug23.exe
Finishing URL
about:privatebrowsing
IP / ASN
104.21.60.95
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
www.warbotpoker.com 3 alert(s) on this Domain | unknown | 2018-03-27 | 2018-05-15 | 2024-02-11 | 530 B | 1.2 MB | 104.21.60.95 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-02-14 | medium | www.warbotpoker.com/roomsettings/888%20Poker/888resizerAug23.exe | Detects imphash often found in malware samples (Maximum 0,25% hits with search for 'imphash:x p:0' on Virustotal) = 99,75% hits |
| 2025-02-14 | medium | www.warbotpoker.com/roomsettings/888%20Poker/888resizerAug23.exe | Identifies compiled AutoIT script (as EXE). |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
www.warbotpoker.com/roomsettings/888%20Poker/888resizerAug23.exe
IP / ASN
104.21.60.95
File Overview
File TypePE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size1.2 MB (1185280 bytes)
MD533a27a1de17f85936b7f5a7124e26bfc
SHA17c7f84818ab4f478861997b25c0c6f36b4015ce3
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | Detects imphash often found in malware samples (Maximum 0,25% hits with search for 'imphash:x p:0' on Virustotal) = 99,75% hits |
| Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
| VirusTotal | malicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|