Report - www.remoteutilities.com/download/host-7.6.2.0.exe

Report Overview

Visitedpublic

2025-02-04 03:06:10

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.remoteutilities.com	unknown	2010-07-30	2012-06-21	2025-01-28	515 B	1.6 MB	104.26.8.196

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-02-04	medium	www.remoteutilities.com/download/host-7.6.2.0.exe	Detect pe file that no import table

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

www.remoteutilities.com/download/host-7.6.2.0.exe

IP / ASN

104.26.8.196

#13335 CLOUDFLARENET

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

Size1.6 MB (1580677 bytes)

MD5a19bbe595f6aeeb3b2f1aeeca427f41e

SHA16c68adaefbb97f6a02f638e0adc6d2925e2a9c88

SHA256d7b7732ca7f7827b97006345c902df8db3b4bd1a4f4224ad2376a3552a943545

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET www.remoteutilities.com/download/host-7.6.2.0.exe

104.26.8.196

200 OK

1.6 MB

URL User Request GET HTTPS

www.remoteutilities.com/download/host-7.6.2.0.exe

IP / ASN

104.26.8.196

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

First Seen2025-02-04

Last Seen2025-02-04

Times Seen1

Size1.6 MB (1580677 bytes)

MD5a19bbe595f6aeeb3b2f1aeeca427f41e

SHA16c68adaefbb97f6a02f638e0adc6d2925e2a9c88

SHA256d7b7732ca7f7827b97006345c902df8db3b4bd1a4f4224ad2376a3552a943545

Certificate Info

IssuerGoogle Trust Services

Subjectremoteutilities.com

Fingerprint84:01:4A:48:95:85:A7:96:15:58:F9:C4:B6:AA:C0:A3:DC:6E:4B:9F

ValidityThu, 30 Jan 2025 18:07:40 GMT - Wed, 30 Apr 2025 19:07:32 GMT

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

HTTP Headers

GET /download/host-7.6.2.0.exe HTTP/1.1
Host: www.remoteutilities.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 04 Feb 2025 03:05:40 GMT
content-type: application/x-msdos-program
content-length: 27726680
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Wed, 16 Oct 2024 15:02:02 GMT
etag: "1a71358-624995a30ae80"
x-content-type-options: nosniff
x-frame-options: sameorigin
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOYvSIVOV6cS3ky4R8quWrZa6Vh3hIV1qSdVWohQbiYQwPvWvwbC%2FmqYaaSp8axLpO0%2BE2uH2C6PnwBSjLRQSkKdBZ1FLqHpecydECg0l8wvQPBl1ZhR5lAGEze3RfRAF6pSXKMQRfYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90c770bc8b1656b4-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6814&min_rtt=733&rtt_var=12052&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3298&recv_bytes=1284&delivery_rate=5708278&cwnd=254&unsent_bytes=0&cid=80cf5a5aa43f555d&ts=172&x=0"
X-Firefox-Spdy: h2