Report Overview

  1. Visited public
    2025-01-29 15:04:45
    Tags
  2. URL

    snapshot.nextdns.io/master/nextdns-SNAPSHOT-621d63d_windows_armv5.zip

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    104.26.10.186

    #13335 CLOUDFLARENET

    Title
    about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
snapshot.nextdns.iounknown2019-03-062022-08-212025-01-29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    snapshot.nextdns.io/master/nextdns-SNAPSHOT-621d63d_windows_armv5.zip

  2. IP

    104.26.11.186

  3. ASN

    #13335 CLOUDFLARENET

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate

    Size

    2.6 MB (2635480 bytes)

  2. Hash

    b34671ac7f1c3c78d7b2c237ee4658b9

    98fb3cad0196a5cc09ebd9e3e03d7b4d5121a121

  1. Archive (3)

    2. FilenameMd5File type
    LICENSE
    8128a7760e479c9ea016cf44725462e9
    		ASCII text
    README.md
    bbcabb855a987de3a5b6811cfe044a56
    		ASCII text, with very long lines (317)
    nextdns.exe
    cf35a50f08d2685930d9a9577f520a6c
    		PE32 executable (console) ARMv7 Thumb, for MS Windows, 6 sections

    Detections

    AnalyzerVerdictAlert
    Public InfoSec YARA rulesmalware
    Identifies Ekans aka Snake ransomware unpacked or in memory.

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize
snapshot.nextdns.io/master/nextdns-SNAPSHOT-621d63d_windows_armv5.zip
104.26.11.186200 OK2.6 MB